Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.71%
  • Veröffentlicht 22.02.2020 00:15:10
  • Zuletzt bearbeitet 21.11.2024 05:39:35

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerabil...

  • EPSS 0.48%
  • Veröffentlicht 21.02.2020 02:15:10
  • Zuletzt bearbeitet 21.11.2024 02:18:15

btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a cr...

Exploit
  • EPSS 1.07%
  • Veröffentlicht 20.02.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 02:18:19

Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the...

  • EPSS 0.18%
  • Veröffentlicht 13.02.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 04:52:46

In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

  • EPSS 2.68%
  • Veröffentlicht 13.02.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 04:52:46

In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for e...

  • EPSS 0.15%
  • Veröffentlicht 13.02.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 04:52:46

In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

  • EPSS 0.19%
  • Veröffentlicht 13.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:40:25

In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. This could lead to local escalation of privilege with User execution privileges n...

  • EPSS 0.18%
  • Veröffentlicht 13.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:52:43

In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo...

  • EPSS 0.96%
  • Veröffentlicht 13.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:52:44

It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploita...

  • EPSS 0.16%
  • Veröffentlicht 13.02.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:52:45

In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...