CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10831
https://notcve.org/view.php?id=CVE-2020-10831
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can trigger an update to arbitrary touch-screen firmware. The Samsung ID is SVE-2019-16013 (March 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.x), P(9.0) y Q(10.0). Los atacantes pueden activar una actualización en un firmware arbitrario de la pantalla táctil. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-10829
https://notcve.org/view.php?id=CVE-2020-10829
24 Mar 2020 — An issue was discovered on Samsung mobile devices with O(8.0), P(9.0), and Q(10.0) (Broadcom chipsets) software. A kernel driver heap overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-15880 (March 2020). Se detectó un problema en dispositivos móviles Samsung con versiones de software O(8.0), P(9.0) y Q(10.0) (chipsets Broadcom). Un desbordamiento de la pila (heap) del controlador del kernel conduce a una ejecución de código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0039
https://notcve.org/view.php?id=CVE-2020-0039
10 Mar 2020 — In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143155861 En la función rw_i93_sm_update_ndef del archivo rw_i93.cc, hay una posible lectura de datos no inicializados debido a una falta de comprobación de límites. ... • https://source.android.com/security/bulletin/2020-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0038
https://notcve.org/view.php?id=CVE-2020-0038
10 Mar 2020 — In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143109193 En la función rw_i93_sm_update_ndef del archivo rw_i93.cc, hay una posible lectura de datos no inicializados debido a una falta de comprobación de límites. ... • https://source.android.com/security/bulletin/2020-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0037
https://notcve.org/view.php?id=CVE-2020-0037
10 Mar 2020 — In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143106535 En la función rw_i93_sm_set_read_only del archivo rw_i93.cc, hay una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto... • https://source.android.com/security/bulletin/2020-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0036
https://notcve.org/view.php?id=CVE-2020-0036
10 Mar 2020 — In hasPermissions of PermissionMonitor.java, there is a possible access to restricted permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144679405 En la función hasPermissions del archivo PermissionMonitor.java, hay un posible acceso a permisos restringidos debido a una omisión de permisos. E... • https://source.android.com/security/bulletin/2020-03-01 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-0035
https://notcve.org/view.php?id=CVE-2020-0035
10 Mar 2020 — In query of TelephonyProvider.java, there is a possible access to SIM card info due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-140622024 En la consulta del archivo TelephonyProvider.java, hay un posible acceso a información de la tarjeta SIM debido a una falta de comprobación de permiso. Esto podría conlle... • https://source.android.com/security/bulletin/2020-03-01 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 3%CPEs: 3EXPL: 0CVE-2020-0034 – libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c
https://notcve.org/view.php?id=CVE-2020-0034
10 Mar 2020 — In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770 En la función vp8_decode_frame del archivo decodeframe.c, hay una posible lectura fuera de límites debido a una comprobación de entrada inapropiada.... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0033
https://notcve.org/view.php?id=CVE-2020-0033
10 Mar 2020 — In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144351324 En la función CryptoPlugin::decrypt del archivo CryptoPlugin.cpp, tiene una posible escritura fuera de límites debido a un puntero stale. Esto podría conllevar a una... • https://source.android.com/security/bulletin/2020-03-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0032
https://notcve.org/view.php?id=CVE-2020-0032
10 Mar 2020 — In ih264d_release_display_bufs of ih264d_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-145364230 En la función ih264d_release_display_bufs del archivo ih264d_utils.c, tiene una posible escritura fuera de límites debido a un desbordamiento del búfer de la pila. ... • https://source.android.com/security/bulletin/2020-03-01 • CWE-787: Out-of-bounds Write •