Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2020-0252

  • EPSS 0.2%
  • Veröffentlicht 11.08.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:11

There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803

10

CVE-2020-0253

  • EPSS 0.2%
  • Veröffentlicht 11.08.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:11

There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152647365

7.8

CVE-2020-0254

  • EPSS 0.12%
  • Veröffentlicht 11.08.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:11

There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647751

7.2

CVE-2020-0256

  • EPSS 0.06%
  • Veröffentlicht 11.08.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:11

In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User inter...

7.8

CVE-2020-0257

  • EPSS 0.01%
  • Veröffentlicht 11.08.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:11

In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interac...

5.5

CVE-2020-0258

  • EPSS 0.02%
  • Veröffentlicht 11.08.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:11

In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup. This could lead to local information disclosure in the application that is started next with no additional execution privileges needed. User interaction is not needed for exploi...

7.8

CVE-2020-0259

  • EPSS 0.01%
  • Veröffentlicht 11.08.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:11

In android_verity_ctr of dm-android-verity.c, there is a possible way to modify a dm-verity protected filesystem due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User inte...

7.8

CVE-2020-0108

  • EPSS 1.84%
  • Veröffentlicht 11.08.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:52:55

In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i...

7

CVE-2020-0238

  • EPSS 0.08%
  • Veröffentlicht 11.08.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:53:09

In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. This could lead to local escalation of privilege and launching privileged activities with no additional execution privilege...

5.5

CVE-2020-0107

  • EPSS 0.01%
  • Veröffentlicht 17.07.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:52:55

In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...