CVE-2024-40657
- EPSS 0.01%
- Veröffentlicht 11.09.2024 00:15:11
- Zuletzt bearbeitet 17.12.2024 19:10:57
In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable apps for other users due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User inte...
CVE-2024-40658
- EPSS 0.01%
- Veröffentlicht 11.09.2024 00:15:11
- Zuletzt bearbeitet 17.12.2024 19:07:48
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...
CVE-2024-40659
- EPSS 0.01%
- Veröffentlicht 11.09.2024 00:15:11
- Zuletzt bearbeitet 17.12.2024 19:07:45
In getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation feature by updating the attestation keys of all installed apps due to improper input validation. This could lead t...
CVE-2024-40662
- EPSS 0.01%
- Veröffentlicht 11.09.2024 00:15:11
- Zuletzt bearbeitet 17.12.2024 19:07:42
In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo...
- EPSS 0.01%
- Veröffentlicht 11.09.2024 00:15:10
- Zuletzt bearbeitet 17.12.2024 19:08:12
In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for ...
CVE-2024-20086
- EPSS 0.02%
- Veröffentlicht 02.09.2024 05:15:15
- Zuletzt bearbeitet 05.09.2024 14:26:34
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue I...
CVE-2024-20087
- EPSS 0.02%
- Veröffentlicht 02.09.2024 05:15:15
- Zuletzt bearbeitet 05.09.2024 14:26:51
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue I...
CVE-2024-20088
- EPSS 0.02%
- Veröffentlicht 02.09.2024 05:15:15
- Zuletzt bearbeitet 13.03.2025 19:15:41
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Iss...
CVE-2024-20089
- EPSS 1.99%
- Veröffentlicht 02.09.2024 05:15:15
- Zuletzt bearbeitet 05.09.2024 14:28:02
In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue...
CVE-2024-20084
- EPSS 0.03%
- Veröffentlicht 02.09.2024 05:15:14
- Zuletzt bearbeitet 27.10.2024 03:35:00
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID...