Skip to main content
CVE-2020-8939 MEDIUM PATCH This Month

An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Asylo
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-8936 MEDIUM PATCH This Month

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Asylo
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-28203 MEDIUM This Month

An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Foxit Reader Phantompdf
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-14302 MEDIUM This Month

A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Keycloak
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2020-0473 MEDIUM PATCH This Month

In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2020-27053 MEDIUM PATCH This Month

In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a possible location permission bypass due to a missing permission check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-27046 MEDIUM PATCH This Month

In nfc_ncif_proc_ee_action of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-27043 MEDIUM PATCH This Month

In nfc_enabled of nfc_main.cc, there is a possible out of bounds read due to an incorrect increment. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-27040 MEDIUM PATCH This Month

In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-27037 MEDIUM PATCH This Month

In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-27033 MEDIUM This Month

In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-27031 MEDIUM This Month

In nfc_data_event of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-27028 MEDIUM This Month

In filter_incoming_event of hci_layer.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-27023 MEDIUM This Month

In setErrorPlaybackState of BluetoothMediaBrowserService.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-27021 MEDIUM This Month

In avrc_ctrl_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-0482 MEDIUM PATCH This Month

In command of IncidentService.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-0476 MEDIUM PATCH This Month

In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to logs. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-0499 MEDIUM This Month

In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android Debian Linux +1
NVD
CVSS 3.1
4.3
EPSS
4.0%
CVE-2020-27057 LOW PATCH Monitor

In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission bypass due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2020-27056 LOW PATCH Monitor

In SELinux policies of mls, there is a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2020-0481 LOW PATCH Monitor

In AndroidManifest.xml, there is a possible permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2020-0368 LOW PATCH Monitor

In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2020-8938 LOW PATCH Monitor

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to FromkLinuxSockAddr with attacker controlled content and size of klinux_addr which. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Asylo
NVD GitHub
CVSS 3.1
3.3
EPSS
0.1%
CVE-2020-8937 LOW PATCH Monitor

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Asylo
NVD GitHub
CVSS 3.1
3.3
EPSS
0.1%
CVE-2020-29480 LOW PATCH Monitor

An issue was discovered in Xen through 4.14.x. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
2.3
EPSS
0.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy