Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 08.01.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:52:43

In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Produc...

  • EPSS 1.39%
  • Veröffentlicht 08.01.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:52:43

In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: And...

Exploit
  • EPSS 0.35%
  • Veröffentlicht 08.01.2020 19:15:10
  • Zuletzt bearbeitet 21.11.2024 02:54:08

An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver due to a NULL pointer dereference when processing an accept system call by the user process on AF_MSM_IPC sockets, which could let a local malicious u...

  • EPSS 0.69%
  • Veröffentlicht 08.01.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:52:44

In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privilege...

  • EPSS 0.4%
  • Veröffentlicht 08.01.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 02:21:57

A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558).

  • EPSS 0.27%
  • Veröffentlicht 07.01.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:51:41

In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...

  • EPSS 0.16%
  • Veröffentlicht 06.01.2020 18:15:24
  • Zuletzt bearbeitet 21.11.2024 04:51:41

In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product...

  • EPSS 0.16%
  • Veröffentlicht 06.01.2020 18:15:24
  • Zuletzt bearbeitet 21.11.2024 04:51:41

In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Prod...

  • EPSS 0.14%
  • Veröffentlicht 06.01.2020 18:15:24
  • Zuletzt bearbeitet 21.11.2024 04:51:41

In DCRYPTO_equals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

  • EPSS 0.16%
  • Veröffentlicht 06.01.2020 18:15:23
  • Zuletzt bearbeitet 21.11.2024 04:51:41

In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: ...