Android
by Google
CVEs (4,041)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-0150 | 0.00 | — | 0.00 | Jun 11, 2020 | In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | |||
| CVE-2020-0156 | 0.00 | — | 0.00 | Jun 11, 2020 | In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | |||
| CVE-2020-0153 | 0.00 | — | 0.00 | Jun 11, 2020 | In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:… | |||
| CVE-2020-0139 | 0.00 | — | 0.00 | Jun 11, 2020 | In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malformed NFC tag is provided by the firmware. System execution privileges are needed and user interaction is not needed… | |||
| CVE-2020-0154 | 0.00 | — | 0.00 | Jun 11, 2020 | In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for… | |||
| CVE-2020-0149 | 0.00 | — | 0.00 | Jun 11, 2020 | In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for… | |||
| CVE-2020-0205 | 0.00 | — | 0.01 | Jun 11, 2020 | In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for… | |||
| CVE-2020-0129 | 0.00 | — | 0.00 | Jun 11, 2020 | In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | |||
| CVE-2020-0175 | 0.00 | — | 0.01 | Jun 11, 2020 | In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… | |||
| CVE-2020-0195 | 0.00 | — | 0.01 | Jun 11, 2020 | In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is… | |||
| CVE-2020-0199 | 0.00 | — | 0.00 | Jun 11, 2020 | In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:… | |||
| CVE-2020-0200 | 0.00 | — | 0.01 | Jun 11, 2020 | In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for… | |||
| CVE-2020-0137 | 0.00 | — | 0.00 | Jun 11, 2020 | In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for… | |||
| CVE-2020-0209 | 0.00 | — | 0.00 | Jun 11, 2020 | In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2020-0193 | 0.00 | — | 0.01 | Jun 11, 2020 | In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed… | |||
| CVE-2020-0128 | 0.00 | — | 0.01 | Jun 11, 2020 | In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions:… | |||
| CVE-2020-0182 | 0.00 | — | 0.01 | Jun 11, 2020 | In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | |||
| CVE-2020-0135 | 0.00 | — | 0.00 | Jun 11, 2020 | In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:… | |||
| CVE-2020-0218 | 0.00 | — | 0.00 | Jun 11, 2020 | In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for… | |||
| CVE-2020-0208 | 0.00 | — | 0.00 | Jun 11, 2020 | In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:… |
- CVE-2020-0150Jun 11, 2020risk 0.00cvss —epss 0.00
In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- CVE-2020-0156Jun 11, 2020risk 0.00cvss —epss 0.00
In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- CVE-2020-0153Jun 11, 2020risk 0.00cvss —epss 0.00
In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…
- CVE-2020-0139Jun 11, 2020risk 0.00cvss —epss 0.00
In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malformed NFC tag is provided by the firmware. System execution privileges are needed and user interaction is not needed…
- CVE-2020-0154Jun 11, 2020risk 0.00cvss —epss 0.00
In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for…
- CVE-2020-0149Jun 11, 2020risk 0.00cvss —epss 0.00
In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for…
- CVE-2020-0205Jun 11, 2020risk 0.00cvss —epss 0.01
In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for…
- CVE-2020-0129Jun 11, 2020risk 0.00cvss —epss 0.00
In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- CVE-2020-0175Jun 11, 2020risk 0.00cvss —epss 0.01
In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
- CVE-2020-0195Jun 11, 2020risk 0.00cvss —epss 0.01
In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is…
- CVE-2020-0199Jun 11, 2020risk 0.00cvss —epss 0.00
In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…
- CVE-2020-0200Jun 11, 2020risk 0.00cvss —epss 0.01
In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for…
- CVE-2020-0137Jun 11, 2020risk 0.00cvss —epss 0.00
In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…
- CVE-2020-0209Jun 11, 2020risk 0.00cvss —epss 0.00
In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:…
- CVE-2020-0193Jun 11, 2020risk 0.00cvss —epss 0.01
In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed…
- CVE-2020-0128Jun 11, 2020risk 0.00cvss —epss 0.01
In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions:…
- CVE-2020-0182Jun 11, 2020risk 0.00cvss —epss 0.01
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- CVE-2020-0135Jun 11, 2020risk 0.00cvss —epss 0.00
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…
- CVE-2020-0218Jun 11, 2020risk 0.00cvss —epss 0.00
In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…
- CVE-2020-0208Jun 11, 2020risk 0.00cvss —epss 0.00
In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:…
Page 185 of 203