CVE-2020-0256
- EPSS 0.21%
- Veröffentlicht 11.08.2020 20:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:11
In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User inter...
CVE-2020-0257
- EPSS 0.18%
- Veröffentlicht 11.08.2020 20:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:11
In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interac...
CVE-2020-0258
- EPSS 0.29%
- Veröffentlicht 11.08.2020 20:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:11
In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup. This could lead to local information disclosure in the application that is started next with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2020-0259
- EPSS 0.16%
- Veröffentlicht 11.08.2020 20:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:11
In android_verity_ctr of dm-android-verity.c, there is a possible way to modify a dm-verity protected filesystem due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User inte...
CVE-2020-0108
- EPSS 0.5%
- Veröffentlicht 11.08.2020 20:15:11
- Zuletzt bearbeitet 21.11.2024 04:52:55
In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i...
- EPSS 0.13%
- Veröffentlicht 11.08.2020 20:15:11
- Zuletzt bearbeitet 21.11.2024 04:53:09
In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. This could lead to local escalation of privilege and launching privileged activities with no additional execution privilege...
CVE-2020-0107
- EPSS 0.14%
- Veröffentlicht 17.07.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:52:55
In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
CVE-2020-0122
- EPSS 0.17%
- Veröffentlicht 17.07.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:52:56
In the permission declaration for com.google.android.providers.gsf.permission.WRITE_GSERVICES in AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. Us...
- EPSS 1.58%
- Veröffentlicht 17.07.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:08
In FastKeyAccumulator::GetKeysSlow of keys.cc, there is a possible out of bounds write due to type confusion. This could lead to remote code execution when processing a proxy configuration with no additional execution privileges needed. User interact...
- EPSS 2.68%
- Veröffentlicht 17.07.2020 21:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:08
In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction...