CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-0385
https://notcve.org/view.php?id=CVE-2020-0385
17 Sep 2020 — In Parse_insh of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote information disclosure in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-150160041 En la función Parse_insh del archivo eas_mdls.c, se presenta una posible escritura fuera de límites debido a una comprobación inapropiada de... • https://source.android.com/security/bulletin/2020-09-01 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-0384
https://notcve.org/view.php?id=CVE-2020-0384
17 Sep 2020 — In Parse_art of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote information disclosure in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-150159906 En la función Parse_art del archivo eas_mdls.c, se presenta una posible escritura fuera de límites debido a una comprobación inapropiada de l... • https://source.android.com/security/bulletin/2020-09-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 1CVE-2020-0381
https://notcve.org/view.php?id=CVE-2020-0381
17 Sep 2020 — In Parse_wave of eas_mdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150159669 En la función Parse_wave del archivo eas_mdls.c, se presenta una posible escritura fuera de límites debido a un desbordamiento de ent... • https://github.com/Trinadh465/external_sonivox_AOSP10_r33_CVE-2020-0381 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.7EPSS: 0%CPEs: 5EXPL: 0CVE-2020-0379
https://notcve.org/view.php?id=CVE-2020-0379
17 Sep 2020 — In the Bluetooth service, there is a possible spoofing attack due to a logic error. This could lead to remote information disclosure of sensitive information with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150156492 En el servicio Bluetooth, se presenta un posible ataque de suplantación de identidad debido a un error lógico. Esto podría conllevar a una divulgación d... • https://source.android.com/security/bulletin/2020-09-01 •
CVSS: 10.0EPSS: 5%CPEs: 5EXPL: 1CVE-2020-0380
https://notcve.org/view.php?id=CVE-2020-0380
17 Sep 2020 — In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146398979 En la función allocExcessBits del archivo bitalloc.c, se presenta una posible escritura fuera de límites debido a una comprobación inapropiada de límites. Es... • https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2020-0380 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 4CVE-2020-0074
https://notcve.org/view.php?id=CVE-2020-0074
17 Sep 2020 — In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146204120 En la función verifyIntentFiltersIfNeeded del archivo PackageManagerService.java, se presenta una posibl... • https://github.com/Nivaskumark/CVE-2020-0074-frameworks_base • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-25281
https://notcve.org/view.php?id=CVE-2020-25281
11 Sep 2020 — An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Applications with sensitive security settings (such as the package verifier application) mishandle unknown-source installations. The LG ID is LVE-SMP-190002 (September 2020). Se detectó un problema en los dispositivos móviles LG con software de Android OS versiones 7.0, 7.1, 7.2, 8.0 y 8.1. Las aplicaciones con configuraciones de seguridad confidenciales (como la aplicación de verificación de paquetes) manejan... • https://lgsecurity.lge.com •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-25283
https://notcve.org/view.php?id=CVE-2020-25283
11 Sep 2020 — An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT manager allows attackers to bypass intended access restrictions on a certain mode. The LG ID is LVE-SMP-200021 (September 2020). Se detectó un problema en los dispositivos móviles LG con software de Android OS versiones 8.0, 8.1, 9.0 y 10. BT Manager permite a atacantes omitir las restricciones de acceso previstas en un modo determinado. • https://lgsecurity.lge.com • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-25278
https://notcve.org/view.php?id=CVE-2020-25278
11 Sep 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung IDs are SVE-2020-18088, SVE-2020-18225, SVE-2020-18301 (September 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0). La biblioteca de códecs de imágenes de Quram permite a atacantes sobrescrib... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-25279
https://notcve.org/view.php?id=CVE-2020-25279
11 Sep 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020). Se detectó un problema en los dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (chipsets Exynos). El componente baseband presenta un desbordamiento de búfer por medio de un mensaje SETUP anormal, lo que ... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •