Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76324 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-0440 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162627132 | ||||
| CVE-2020-0439 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-140256621 | ||||
| CVE-2020-0438 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In the AIBinder_Class constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinder_ndk in a vulnerable way with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-161812320 | ||||
| CVE-2020-0434 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150730508 | ||||
| CVE-2020-0433 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151939299 | ||||
| CVE-2020-0432 | 2 Google, Opensuse | 2 Android, Leap | 2024-11-21 | 7.8 High |
| In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143560807 | ||||
| CVE-2020-0430 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-153881554 | ||||
| CVE-2020-0423 | 2 Debian, Google | 2 Debian Linux, Android | 2024-11-21 | 7.8 High |
| In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-161151868References: N/A | ||||
| CVE-2020-0421 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-161894517 | ||||
| CVE-2020-0420 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162383705 | ||||
| CVE-2020-0418 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In getPermissionInfosForGroup of Utils.java, there is a logic error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153879813 | ||||
| CVE-2020-0417 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-154319182 | ||||
| CVE-2020-0416 | 1 Google | 1 Android | 2024-11-21 | 8.8 High |
| In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-155288585 | ||||
| CVE-2020-0413 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-158778659 | ||||
| CVE-2020-0409 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-156997193 | ||||
| CVE-2020-0408 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-156999009 | ||||
| CVE-2020-0406 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In libmpeg2dec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if another exploit allowed this to be triggered with different parameters, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137794014 | ||||
| CVE-2020-0405 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In NetworkStackNotifier, there is a possible permissions bypass due to an unsafe implicit PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157475111 | ||||
| CVE-2020-0401 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150857253 | ||||
| CVE-2020-0394 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing contact lists with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-155648639 | ||||