Skip to main content
CVE-2020-0288 MEDIUM This Month

In PackageManager, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0274 MEDIUM This Month

In the OMX parser, there is a possible information disclosure due to a returned raw pointer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0125 MEDIUM This Month

In mediadrm, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0427 MEDIUM PATCH This Month

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Denial Of Service Information Disclosure Android +3
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-0404 MEDIUM This Month

In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Exposure Function +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0399 MEDIUM This Month

In showLimitedSimFunctionWarningNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0397 MEDIUM This Month

In getNotificationBuilder of CarrierServiceStateTracker.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0396 MEDIUM This Month

In various places in Telephony, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0395 MEDIUM This Month

In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0393 MEDIUM This Month

In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0390 MEDIUM PATCH This Month

In the app zygote SE Policy, there is a possible permissions bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Google Privilege Escalation Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0389 MEDIUM PATCH This Month

In createSaveNotification of RecordingService.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0386 MEDIUM PATCH This Month

In onCreate of RequestPermissionActivity.java, there is a possible tapjacking vector due to an insecure default value. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

XSS Google Privilege Escalation Android
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-0385 MEDIUM PATCH This Month

In Parse_insh of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Memory Corruption Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-0384 MEDIUM PATCH This Month

In Parse_art of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Memory Corruption Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-0383 MEDIUM PATCH This Month

In Parse_ins of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Memory Corruption Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-14338 MEDIUM PATCH This Month

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xerces
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-0338 MEDIUM This Month

In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2020-15187 MEDIUM PATCH This Month

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Helm
NVD GitHub
CVSS 3.1
4.7
EPSS
1.5%
CVE-2020-0373 MEDIUM This Month

In SoundTriggerHwService, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2020-0328 MEDIUM This Month

In the camera, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-0322 MEDIUM This Month

In apexd, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-0407 MEDIUM This Month

In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy