Total
8334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0205 | 1 Google | 1 Android | 2020-06-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147234020 | |||||
| CVE-2020-0184 | 1 Google | 1 Android | 2020-06-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinite loop due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141688974 | |||||
| CVE-2020-0204 | 1 Google | 1 Android | 2020-06-15 | 5.1 MEDIUM | 7.0 HIGH |
| In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege by allowing a bypass of the initial zip file signature check for an OS update with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136498130 | |||||
| CVE-2020-0189 | 1 Google | 1 Android | 2020-06-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283 | |||||
| CVE-2020-0196 | 1 Google | 1 Android | 2020-06-15 | 3.3 LOW | 6.5 MEDIUM |
| In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144066833 | |||||
| CVE-2020-0186 | 1 Google | 1 Android | 2020-06-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146144463 | |||||
| CVE-2020-0200 | 1 Google | 1 Android | 2020-06-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147231862 | |||||
| CVE-2020-0206 | 1 Google | 1 Android | 2020-06-15 | 2.1 LOW | 5.5 MEDIUM |
| In the settings app, there is a possible app crash due to improper input validation. This could lead to local denial of service of the Settings app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005061 | |||||
| CVE-2020-0138 | 1 Google | 1 Android | 2020-06-15 | 6.8 MEDIUM | 9.8 CRITICAL |
| In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which it isn't in typical Android platforms, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142878416 | |||||
| CVE-2020-0124 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 6.7 MEDIUM |
| In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140237592 | |||||
| CVE-2020-0193 | 1 Google | 1 Android | 2020-06-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144595488 | |||||
| CVE-2020-0191 | 1 Google | 1 Android | 2020-06-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a possible out of bounds read due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140561484 | |||||
| CVE-2020-0180 | 1 Google | 1 Android | 2020-06-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142861738 | |||||
| CVE-2020-0143 | 1 Google | 1 Android | 2020-06-12 | 2.1 LOW | 4.4 MEDIUM |
| In nfa_dm_ndef_find_next_handler of nfa_dm_ndef.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of heap data via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145597277 | |||||
| CVE-2020-0129 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 7.8 HIGH |
| In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123292010 | |||||
| CVE-2020-0144 | 1 Google | 1 Android | 2020-06-12 | 2.1 LOW | 4.4 MEDIUM |
| In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142543497 | |||||
| CVE-2020-0150 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 7.8 HIGH |
| In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142280329 | |||||
| CVE-2020-0210 | 1 Google | 1 Android | 2020-06-12 | 4.6 MEDIUM | 7.8 HIGH |
| In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145206763 | |||||
| CVE-2020-0149 | 1 Google | 1 Android | 2020-06-12 | 2.1 LOW | 4.4 MEDIUM |
| In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142544089 | |||||
| CVE-2020-0148 | 1 Google | 1 Android | 2020-06-12 | 2.1 LOW | 4.4 MEDIUM |
| In btu_hcif_pin_code_request_evt, btu_hcif_link_key_request_evt, and btu_hcif_link_key_notification_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142638492 | |||||