CVE-2020-0390
- EPSS 0.14%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In the app zygote SE Policy, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 ...
CVE-2020-0391
- EPSS 0.43%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with no additional execution privileges needed. User inte...
CVE-2020-0392
- EPSS 0.27%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Prod...
CVE-2020-0393
- EPSS 0.16%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for e...
CVE-2020-0394
- EPSS 0.27%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing contact lists with no additional execution privileges...
CVE-2020-0395
- EPSS 0.18%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for ...
CVE-2020-0396
- EPSS 0.18%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In various places in Telephony, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: Andr...
CVE-2020-0397
- EPSS 0.18%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:26
In getNotificationBuilder of CarrierServiceStateTracker.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed ...
CVE-2020-0399
- EPSS 0.18%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:27
In showLimitedSimFunctionWarningNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not...
CVE-2020-0401
- EPSS 0.28%
- Veröffentlicht 17.09.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:53:27
In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not ...