CVE-2020-9109
- EPSS 0.03%
- Veröffentlicht 12.10.2020 14:15:14
- Zuletzt bearbeitet 21.11.2024 05:40:03
There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smart...
CVE-2020-0069
- EPSS 0.74%
- Veröffentlicht 10.03.2020 20:15:21
- Zuletzt bearbeitet 04.04.2025 13:01:47
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution...
CVE-2019-5235
- EPSS 0.25%
- Veröffentlicht 14.12.2019 00:15:10
- Zuletzt bearbeitet 21.11.2024 04:44:34
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-2215
- EPSS 49.83%
- Veröffentlicht 11.10.2019 19:15:10
- Zuletzt bearbeitet 04.04.2025 15:40:44
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local appli...
CVE-2019-9506
- EPSS 3.04%
- Veröffentlicht 14.08.2019 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:51:45
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") tha...