CVE-2020-0500
- EPSS 0.15%
- Veröffentlicht 15.12.2020 16:15:14
- Zuletzt bearbeitet 21.11.2024 04:53:37
In startInputUncheckedLocked of InputMethodManager.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for e...
CVE-2020-27021
- EPSS 0.15%
- Veröffentlicht 15.12.2020 16:15:14
- Zuletzt bearbeitet 21.11.2024 05:20:41
In avrc_ctrl_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploit...
CVE-2020-27023
- EPSS 0.18%
- Veröffentlicht 15.12.2020 16:15:14
- Zuletzt bearbeitet 21.11.2024 05:20:41
In setErrorPlaybackState of BluetoothMediaBrowserService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with System execution privileges needed. User interaction is not need...
CVE-2020-0368
- EPSS 0.15%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:23
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This could lead to local information disclosure of voicemail metadata with User execution privileges needed. User interaction is not nee...
CVE-2020-0473
- EPSS 0.14%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:34
In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it ov...
- EPSS 0.1%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:34
In HalCamera::requestNewFrame of HalCamera.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati...
CVE-2020-0475
- EPSS 0.4%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:34
In createInputConsumer of WindowManagerService.java, there is a possible way to block and intercept input events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User ...
CVE-2020-0476
- EPSS 0.15%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:34
In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to logs. This could lead to local information disclosure with System execution privileges required. User interaction is not needed for exploitation.Product:...
CVE-2020-0477
- EPSS 0.13%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In sendLinkConfigurationChangedBroadcast of ClientModeImpl.java, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of the current network configuration with no additional exe...
CVE-2020-0478
- EPSS 0.46%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In extend_frame_lowbd of restoration.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio...