CVE-2020-0479
- EPSS 0.39%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In callUnchecked of DocumentsProvider.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a malicious app to access files available to the DocumentProvider without user permission, with no additiona...
CVE-2020-0480
- EPSS 0.39%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In callUnchecked of DocumentsProvider.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a caller to copy, move, or delete files accessible to DocumentsProvider wi...
CVE-2020-0481
- EPSS 0.13%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User...
CVE-2020-0482
- EPSS 0.16%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In command of IncidentService.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Produ...
CVE-2020-0483
- EPSS 0.14%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In DrmManagerService::~DrmManagerService() of DrmManagerService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need...
CVE-2020-0484
- EPSS 0.14%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In destroyResources of ComposerClient.h, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: A...
CVE-2020-0485
- EPSS 0.13%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:35
In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest account due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...
CVE-2020-0486
- EPSS 0.13%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:36
In openAssetFileListener of ContactsProvider2.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege to change contact data with no additional execution privileges needed. User i...
CVE-2020-0488
- EPSS 0.7%
- Veröffentlicht 15.12.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:36
In ihevc_inter_pred_chroma_copy_ssse3 of ihevc_inter_pred_filters_ssse3_intr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. Use...
CVE-2020-0244
- EPSS 0.39%
- Veröffentlicht 15.12.2020 16:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:10
In writeBurstBufferBytes of SPDIFEncoder.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no clear exfiltration path, with no additional execution privileges needed. Us...