Total
6434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-26598 | 1 Google | 1 Android | 2020-10-08 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection. The LG ID is LVE-SMP-200023 (October 2020). | |||||
CVE-2020-26602 | 1 Google | 1 Android | 2020-10-08 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 (October 2020). | |||||
CVE-2020-26603 | 1 Google | 1 Android | 2020-10-08 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 (October 2020). | |||||
CVE-2020-26605 | 1 Google | 1 Android | 2020-10-08 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-2020-18596 (October 2020). | |||||
CVE-2020-0374 | 1 Google | 1 Android | 2020-09-24 | 7.2 HIGH | 7.8 HIGH |
In NFC, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156251602 | |||||
CVE-2020-0354 | 1 Google | 1 Android | 2020-09-24 | 7.5 HIGH | 9.8 CRITICAL |
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143604331 | |||||
CVE-2020-0318 | 1 Google | 1 Android | 2020-09-24 | 4.9 MEDIUM | 5.5 MEDIUM |
In the System UI, there is a possible system crash due to an uncaught exception. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-33646131 | |||||
CVE-2020-0262 | 1 Google | 1 Android | 2020-09-24 | 4.6 MEDIUM | 7.8 HIGH |
In WiFi tethering, there is a possible attacker controlled intent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156353008 | |||||
CVE-2020-0268 | 1 Google | 1 Android | 2020-09-24 | 4.4 MEDIUM | 6.4 MEDIUM |
In NFC, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148294643 | |||||
CVE-2020-0405 | 1 Google | 1 Android | 2020-09-24 | 4.6 MEDIUM | 7.8 HIGH |
In NetworkStackNotifier, there is a possible permissions bypass due to an unsafe implicit PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157475111 | |||||
CVE-2020-0388 | 1 Google | 1 Android | 2020-09-24 | 7.2 HIGH | 7.8 HIGH |
In createEmergencyLocationUserNotification of GnssVisibilityControl.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-156123285 | |||||
CVE-2020-0392 | 1 Google | 1 Android | 2020-09-24 | 7.2 HIGH | 7.8 HIGH |
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-150226608 | |||||
CVE-2020-0074 | 1 Google | 1 Android | 2020-09-23 | 7.2 HIGH | 7.8 HIGH |
In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146204120 | |||||
CVE-2020-0245 | 1 Google | 1 Android | 2020-09-23 | 9.3 HIGH | 8.8 HIGH |
In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152496149 | |||||
CVE-2020-0379 | 1 Google | 1 Android | 2020-09-23 | 2.9 LOW | 5.7 MEDIUM |
In the Bluetooth service, there is a possible spoofing attack due to a logic error. This could lead to remote information disclosure of sensitive information with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150156492 | |||||
CVE-2020-0385 | 1 Google | 1 Android | 2020-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
In Parse_insh of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote information disclosure in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-150160041 | |||||
CVE-2020-0123 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374 | |||||
CVE-2020-0229 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725 | |||||
CVE-2020-0278 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574 | |||||
CVE-2020-0342 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576 |