CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
851 CVE-2020-0370 125 2020-09-17 2020-09-23
4.3
None Remote Medium Not required Partial None None
In libAACdec, there is a possible out of bounds read due to missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-112051700
852 CVE-2020-0369 190 Overflow 2020-09-17 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In libavb, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-130231426
853 CVE-2020-0368 20 Bypass 2020-12-15 2021-07-14
2.1
None Local Low Not required Partial None None
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This could lead to local information disclosure of voicemail metadata with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143230980
854 CVE-2020-0367 787 2020-10-14 2020-10-15
9.4
None Remote Low Not required None Complete Complete
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980455
855 CVE-2020-0366 269 Bypass 2020-09-17 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
In PackageInstaller, there is a possible permissions bypass due to a tapjacking vulnerability. This could lead to local escalation of privilege using an app set as the default Assist app with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-138443815
856 CVE-2020-0365 125 DoS 2020-09-18 2020-09-21
2.1
None Local Low Not required None None Partial
In netd, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137346580
857 CVE-2020-0364 125 2020-09-17 2020-09-23
4.3
None Remote Medium Not required Partial None None
In libDRCdec, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137282770
858 CVE-2020-0363 20 DoS 2020-09-17 2020-09-23
4.3
None Remote Medium Not required None None Partial
In libmedia, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-132274514
859 CVE-2020-0362 20 DoS 2020-09-17 2020-09-23
4.3
None Remote Medium Not required None None Partial
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-123237930
860 CVE-2020-0361 908 2020-09-17 2020-09-23
4.3
None Remote Medium Not required Partial None None
In libDRCdec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151927433
861 CVE-2020-0360 269 Bypass 2020-09-17 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
In Notification Access Confirmation, there is a possible permissions bypass due to uninformed consent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145129456
862 CVE-2020-0359 125 Overflow 2020-09-17 2020-09-21
2.1
None Local Low Not required Partial None None
In GLESRenderEngine, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150303018
863 CVE-2020-0358 367 2020-09-17 2021-07-21
4.4
None Local Medium Not required Partial Partial Partial
In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150227563
864 CVE-2020-0357 667 2020-09-17 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In SurfaceFlinger, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150225569
865 CVE-2020-0356 787 2020-09-17 2020-09-23
4.6
None Local Low Not required Partial Partial Partial
In the Audio HAL, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143787559
866 CVE-2020-0355 125 2020-09-17 2020-09-21
4.3
None Remote Medium Not required Partial None None
In libFraunhoferAAC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-141883493
867 CVE-2020-0354 787 Exec Code 2020-09-18 2020-09-24
7.5
None Remote Low Not required Partial Partial Partial
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143604331
868 CVE-2020-0353 119 DoS Overflow 2020-09-17 2021-07-21
4.3
None Remote Medium Not required None None Partial
In libmp4extractor, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124777526
869 CVE-2020-0352 89 Sql Bypass 2020-09-17 2020-09-21
2.1
None Local Low Not required Partial None None
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-132074310
870 CVE-2020-0351 20 DoS 2020-09-17 2020-09-21
7.1
None Remote Medium Not required None None Complete
In libstagefright, there is possible CPU exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124777537
871 CVE-2020-0350 787 2020-09-18 2020-09-21
4.6
None Local Low Not required Partial Partial Partial
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139424089
872 CVE-2020-0349 125 2020-09-18 2021-07-21
2.1
None Local Low Not required Partial None None
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139188779
873 CVE-2020-0348 125 2020-09-18 2020-09-21
4.0
None Remote Low ??? Partial None None
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139188582
874 CVE-2020-0347 787 2020-09-18 2020-09-21
4.6
None Local Low Not required Partial Partial Partial
In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
875 CVE-2020-0346 190 Overflow 2020-09-17 2021-07-21
4.4
None Local Medium Not required Partial Partial Partial
In Mediaserver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if integer sanitization were not enabled (which it is by default), with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147002762
876 CVE-2020-0345 610 Bypass 2020-09-17 2020-09-23
4.4
None Local Medium Not required Partial Partial Partial
In DocumentsUI, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144286721
877 CVE-2020-0344 89 Sql Bypass 2020-09-17 2020-09-21
2.1
None Local Low Not required Partial None None
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-140729887
878 CVE-2020-0343 276 2020-09-17 2021-07-21
2.1
None Local Low Not required Partial None None
In NetworkStatsService, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119672472
879 CVE-2020-0342 787 2020-09-17 2020-09-23
10.0
None Remote Low Not required Complete Complete Complete
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576
880 CVE-2020-0341 862 Bypass 2020-09-17 2020-09-22
4.6
None Local Low Not required Partial Partial Partial
In DisplayManager, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144920149
881 CVE-2020-0340 909 Exec Code 2020-09-17 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144901522
882 CVE-2020-0339 125 2020-10-14 2020-10-15
9.4
None Remote Low Not required Complete None Complete
There is a possible out of bounds read due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980705
883 CVE-2020-0338 Bypass 2020-09-17 2022-01-14
2.1
None Local Low Not required Partial None None
In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-123700107
884 CVE-2020-0337 610 Bypass 2020-09-17 2021-07-21
2.1
None Local Low Not required Partial None None
In MediaProvider, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local information disclosure, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124329382
885 CVE-2020-0336 843 Mem. Corr. 2020-09-17 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In SurfaceFlinger, there is possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153467444
886 CVE-2020-0335 787 2020-09-18 2020-09-21
4.6
None Local Low Not required Partial Partial Partial
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-122361504
887 CVE-2020-0334 787 2020-09-18 2020-09-21
4.6
None Local Low Not required Partial Partial Partial
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147995915
888 CVE-2020-0333 20 Exec Code 2020-09-17 2020-09-21
7.5
None Remote Low Not required Partial Partial Partial
In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-73822755
889 CVE-2020-0332 DoS 2020-09-17 2020-09-23
4.3
None Remote Medium Not required None None Partial
In libstagefright, there is a possible dead loop due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124783982
890 CVE-2020-0331 281 Bypass 2020-09-18 2021-07-21
2.1
None Local Low Not required Partial None None
In Settings, there is a possible permissions bypass. This could lead to local information disclosure of the device's IMEI with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147309310
891 CVE-2020-0330 416 Exec Code Mem. Corr. 2020-09-17 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In iorap, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege and code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150331085
892 CVE-2020-0329 125 Exec Code 2020-09-17 2020-09-22
2.1
None Local Low Not required Partial None None
In the OMX encoder, there is a possible out of bounds read due to invalid input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-63522940
893 CVE-2020-0328 190 Overflow 2020-09-17 2021-07-21
2.1
None Local Low Not required Partial None None
In the camera, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150156131
894 CVE-2020-0327 281 2020-09-18 2021-07-21
2.1
None Local Low Not required Partial None None
In core networking, there is a missing permission check. This could lead to local information disclosure of app network usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-129151407
895 CVE-2020-0326 787 2020-09-18 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In NFC, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-146453119
896 CVE-2020-0325 2020-09-18 2021-07-21
2.1
None Local Low Not required Partial None None
In NFC, there is a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145079309
897 CVE-2020-0324 125 2020-09-17 2020-09-23
4.3
None Remote Medium Not required Partial None None
In libsonivox, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136660304
898 CVE-2020-0323 125 2020-09-17 2020-09-22
2.1
None Local Low Not required Partial None None
In libavb, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-146516087
899 CVE-2020-0322 125 2020-09-17 2020-09-22
2.1
None Local Low Not required Partial None None
In apexd, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147002540
900 CVE-2020-0321 909 Exec Code 2020-09-17 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155171907
Total number of vulnerabilities : 3865   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 (This Page)19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.