CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2020-0443
https://notcve.org/view.php?id=CVE-2020-0443
10 Nov 2020 — In LocaleList of LocaleList.java, there is a possible forced reboot due to an uncaught exception. This could lead to local denial of service requiring factory reset to restore with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152410253 En la función LocaleList del archivo LocaleList.java, se presenta un posible reinicio forzado debido a una excepción no detectada. Esto pod... • https://github.com/Supersonic/CVE-2020-0443 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-0442
https://notcve.org/view.php?id=CVE-2020-0442
10 Nov 2020 — In Message and toBundle of Notification.java, there is a possible UI slowdown or crash due to improper input validation. This could lead to remote denial of service if a malicious contact file is received, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.0 Android-8.1 Android-9Android ID: A-147358092 En las funciones Message y toBundle del archivo Notification.java, se presenta una posible ralentización ... • https://source.android.com/security/bulletin/2020-11-01 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-0439
https://notcve.org/view.php?id=CVE-2020-0439
10 Nov 2020 — In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-140256621 En la función generatePackageInfo del archivo PackageM... • https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0439 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 16%CPEs: 7EXPL: 1CVE-2020-0452 – libexif: out of bounds write due to an integer overflow in exif-entry.c
https://notcve.org/view.php?id=CVE-2020-0452
10 Nov 2020 — In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731 En la función exif_entry_get_value del archivo exif-entry.c, se presenta una posible escritur... • https://github.com/ShaikUsaf/external_libexif_AOSP10_CVE-2020-0452 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-28344
https://notcve.org/view.php?id=CVE-2020-28344
08 Nov 2020 — An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 (November 2020). Se detectó un problema en los dispositivos móviles LG con versiones de software Android OS 8.0, 8.1, 9.0 y 10. Los servicios del sistema pueden bloquearse debido a una falta de comprobación del parámetro NULL. • https://lgsecurity.lge.com • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-28340
https://notcve.org/view.php?id=CVE-2020-28340
08 Nov 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020). Se detectó un problema en los dispositivos móviles Samsung con versiones de software O(8.x), P(9.0), Q(10.0) y R(11.0). Los atacantes pueden omitir Factory Reset Protection (FRP) por medio de una Carpeta Segura. • https://security.samsungmobile.com/securityUpdate.smsb •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-0421
https://notcve.org/view.php?id=CVE-2020-0421
14 Oct 2020 — In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-161894517 En la función appendFormatV del archivo String8.cpp, se presenta una posible escritura fuera de límites debido a un manejo incorrecto de errores. Esto ... • https://github.com/nanopathi/system_core_AOSP10_r33_CVE-2020-0421 • CWE-755: Improper Handling of Exceptional Conditions CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-0422
https://notcve.org/view.php?id=CVE-2020-0422
14 Oct 2020 — In constructImportFailureNotification of NotificationImportExportListener.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-161718556 En la función constructImportFailureNotification del archivo NotificationImportExportListener.java, se pr... • https://source.android.com/security/bulletin/2020-10-01 •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-0412
https://notcve.org/view.php?id=CVE-2020-0412
14 Oct 2020 — In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.0 Android-8.1 Android-9Android ID: A-160390416 En la función setProcessMemoryTrimLevel del archivo ActivityManagerService.java, se presenta una falta de comprobación de permisos. Esto... • https://source.android.com/security/bulletin/2020-10-01 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 1CVE-2020-0377
https://notcve.org/view.php?id=CVE-2020-0377
14 Oct 2020 — In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-158833854 En la función gatt_process_read_by_type_rsp del archivo gatt_cl.cc, se presenta una posible lectura fuera de límites deb... • https://github.com/Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0377 • CWE-125: Out-of-bounds Read •