Total
5093 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-0284 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253784 | ||||
| CVE-2020-0277 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148627993 | ||||
| CVE-2020-0276 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253586 | ||||
| CVE-2020-0266 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In factory reset protection, there is a possible FRP bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-111086459 | ||||
| CVE-2020-0265 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Telephony, there are possible leaks of sensitive data due to missing permission checks. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150155839 | ||||
| CVE-2020-0250 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In requestCellInfoUpdateInternal of PhoneInterfaceManager.java, there is a missing permission check. This could lead to local information disclosure of location data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-154934934 | ||||
| CVE-2020-0246 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In getCarrierPrivilegeStatus of UiccAccessRule.java, there is a missing permission check. This could lead to local information disclosure of EID data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-159062405 | ||||
| CVE-2020-0239 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In getDocumentMetadata of DocumentsContract.java, there is a possible disclosure of location metadata from a file due to a permissions bypass. This could lead to local information disclosure from a file (eg. a photo) containing location metadata with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-151095863 | ||||
| CVE-2020-0227 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-129476618 | ||||
| CVE-2020-0202 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11 Android ID: A-142936525 | ||||
| CVE-2020-0178 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In getAllConfigFlags of SettingsProvider.cpp, there is a possible illegal read due to a missing permission check. This could lead to local information disclosure of config flags with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143299398 | ||||
| CVE-2020-0177 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In connect() of PanService.java, there is a possible permissions bypass. This could lead to local escalation of privilege to change network connection settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-126206353 | ||||
| CVE-2020-0137 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141920289 | ||||
| CVE-2020-0135 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150949837 | ||||
| CVE-2020-0109 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148059175 | ||||
| CVE-2020-0107 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146570216 | ||||
| CVE-2020-0106 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148414207 | ||||
| CVE-2020-0105 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onKeyguardVisibilityChanged of key_store_service.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-144285084 | ||||
| CVE-2020-0089 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In the audio server, there is a missing permission check. This could lead to local escalation of privilege regarding audio settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137015603 | ||||
| CVE-2020-0085 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In setBluetoothTethering of PanService.java, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege to activate tethering with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-134487438 | ||||