VYPR

Android

by Google

CVEs (4,290)

  • CVE-2020-0261HigAug 13, 2020
    risk 0.51cvss 7.8epss 0.00

    In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2020-0108HigAug 11, 2020
    risk 0.51cvss 7.8epss 0.01

    In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0226HigJul 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In createWithSurfaceParent of Client.cpp, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0209HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:…

  • CVE-2020-0208HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:…

  • CVE-2020-0188HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0183HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In handleMessage of BluetoothManagerService, there is an incomplete reset. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-110181479

  • CVE-2020-0150HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0137HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0129HigJun 11, 2020
    risk 0.51cvss 7.8epss 0.00

    In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0105HigMay 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In onKeyguardVisibilityChanged of key_store_service.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is…

  • CVE-2020-0102HigMay 14, 2020
    risk 0.51cvss 7.8epss 0.00

    In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0085HigMar 10, 2020
    risk 0.51cvss 7.8epss 0.00

    In setBluetoothTethering of PanService.java, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege to activate tethering with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2221HigDec 6, 2019
    risk 0.51cvss 7.8epss 0.00

    In hasActivityInVisibleTask of WindowProcessController.java there’s a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. This could lead to local escalation of privilege with no additional execution privileges…

  • CVE-2019-2210HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-2203HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-2201HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.03

    In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for…

  • CVE-2019-2173HigOct 11, 2019
    risk 0.51cvss 7.8epss 0.00

    In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2114HigOct 11, 2019
    risk 0.51cvss 7.8epss 0.00

    In the default privileges of NFC, there is a possible local bypass of user interaction requirements on package installation due to a default permission. This could lead to local escalation of privilege by installing an application with no additional execution privileges needed.…

  • CVE-2019-9378HigSep 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In the Activity Manager service, there is a possible permission bypass due to incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:…

Page 45 of 215