Total
8334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27047 | 1 Google | 1 Android | 2020-12-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ce_t4t_update_binary of ce_t4t.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649298 | |||||
| CVE-2020-27049 | 1 Google | 1 Android | 2020-12-16 | 6.8 MEDIUM | 7.8 HIGH |
| In rw_t3t_send_raw_frame of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649467 | |||||
| CVE-2020-27048 | 1 Google | 1 Android | 2020-12-16 | 6.8 MEDIUM | 7.8 HIGH |
| In RW_SendRawFrame of rw_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157650117 | |||||
| CVE-2020-0486 | 1 Google | 1 Android | 2020-12-16 | 4.6 MEDIUM | 7.8 HIGH |
| In openAssetFileListener of ContactsProvider2.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege to change contact data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150857116 | |||||
| CVE-2020-0244 | 1 Google | 1 Android | 2020-12-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| In writeBurstBufferBytes of SPDIFEncoder.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no clear exfiltration path, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145262423 | |||||
| CVE-2020-0476 | 1 Google | 1 Android | 2020-12-16 | 2.1 LOW | 4.4 MEDIUM |
| In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to logs. This could lead to local information disclosure with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162014574 | |||||
| CVE-2020-27027 | 1 Google | 1 Android | 2020-12-16 | 2.1 LOW | 5.5 MEDIUM |
| In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-122358602 | |||||
| CVE-2020-27028 | 1 Google | 1 Android | 2020-12-16 | 2.1 LOW | 4.4 MEDIUM |
| In filter_incoming_event of hci_layer.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-141618611 | |||||
| CVE-2020-0478 | 1 Google | 1 Android | 2020-12-16 | 6.8 MEDIUM | 7.8 HIGH |
| In extend_frame_lowbd of restoration.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150780418 | |||||
| CVE-2020-0479 | 1 Google | 1 Android | 2020-12-16 | 6.8 MEDIUM | 7.8 HIGH |
| In callUnchecked of DocumentsProvider.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a malicious app to access files available to the DocumentProvider without user permission, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157294893 | |||||
| CVE-2020-27031 | 1 Google | 1 Android | 2020-12-16 | 2.1 LOW | 4.4 MEDIUM |
| In nfc_data_event of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151313205 | |||||
| CVE-2020-0481 | 1 Google | 1 Android | 2020-12-16 | 2.1 LOW | 3.3 LOW |
| In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157472962 | |||||
| CVE-2020-0482 | 1 Google | 1 Android | 2020-12-16 | 2.1 LOW | 4.4 MEDIUM |
| In command of IncidentService.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150706572 | |||||
| CVE-2020-27033 | 1 Google | 1 Android | 2020-12-16 | 2.1 LOW | 4.4 MEDIUM |
| In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153655153 | |||||
| CVE-2020-0280 | 1 Google | 1 Android | 2020-12-15 | 1.9 LOW | 5.5 MEDIUM |
| In nci_proc_ee_management_rsp of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136565424 | |||||
| CVE-2020-27021 | 1 Google | 1 Android | 2020-12-15 | 2.1 LOW | 4.4 MEDIUM |
| In avrc_ctrl_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168712245 | |||||
| CVE-2020-27024 | 1 Google | 1 Android | 2020-12-15 | 5.0 MEDIUM | 7.5 HIGH |
| In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure triggered by a malformed Bluetooth packet, with no additional execution privileges needed. User interaction is not needed for exploitation. Bounds Sanitizer mitigates this in the default configuration.Product: AndroidVersions: Android-11Android ID: A-162327732 | |||||
| CVE-2020-27036 | 1 Google | 1 Android | 2020-12-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In phNxpNciHal_send_ext_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731369 | |||||
| CVE-2020-27037 | 1 Google | 1 Android | 2020-12-15 | 2.1 LOW | 4.4 MEDIUM |
| In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731335 | |||||
| CVE-2020-27038 | 1 Google | 1 Android | 2020-12-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| In process of C2SoftVorbisDec.cpp, there is a possible resource exhaustion due to a memory leak. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154302257 | |||||