Total
5093 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-0419 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In generateInfo of PackageInstallerSession.java, there is a possible leak of cross-profile URI data during app installation due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-142125338 | ||||
CVE-2020-0412 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.0 Android-8.1 Android-9Android ID: A-160390416 | ||||
CVE-2020-0401 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150857253 | ||||
CVE-2020-0387 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
In manifest files of the SmartSpace package, there is a possible tapjacking vector due to a missing permission check. This could lead to local escalation of privilege and account hijacking with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-156046804 | ||||
CVE-2020-0378 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In onWnmFrameReceived of PasspointManager.java, there is a missing permission check. This could lead to local information disclosure of location data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-157748906 | ||||
CVE-2020-0375 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege and the setting of supported EUICC countries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253476 | ||||
CVE-2020-0372 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In ActivityManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119673147 | ||||
CVE-2020-0343 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In NetworkStatsService, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119672472 | ||||
CVE-2020-0341 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
In DisplayManager, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144920149 | ||||
CVE-2020-0327 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In core networking, there is a missing permission check. This could lead to local information disclosure of app network usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-129151407 | ||||
CVE-2020-0317 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In UsageStatsManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119671929 | ||||
CVE-2020-0316 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In Telephony, there is a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934919 | ||||
CVE-2020-0314 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920 | ||||
CVE-2020-0299 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145130119 | ||||
CVE-2020-0298 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145129266 | ||||
CVE-2020-0293 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In Java network APIs, there is possible access to sensitive network state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation in Android versions: Android-11, Android ID: A-141455849 | ||||
CVE-2020-0290 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996866 | ||||
CVE-2020-0289 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996872 | ||||
CVE-2020-0288 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In PackageManager, there is a missing permission check. This could lead to local information disclosure across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153995991 | ||||
CVE-2020-0285 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253479 |