CVSS: 8.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-8860 – Samsung Galaxy S10 Call Control Setup Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-8860
20 Feb 2020 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the Call Control Setup messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. ... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0027
https://notcve.org/view.php?id=CVE-2020-0027
13 Feb 2020 — In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144040966 En la función HidRawSensor::batch del archivo HidRawSensor.cpp, se presenta una posible escritura fuera de límites debido a un cambio inesperado. Es... • https://source.android.com/security/bulletin/2020-02-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0026
https://notcve.org/view.php?id=CVE-2020-0026
13 Feb 2020 — In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-140419401 En la función Parcel::continueWrite del archivo Parcel.cpp, es posible una corrupción de la memoria debido a un uso de la memoria previamente liberada. Esto podría conlleva... • https://source.android.com/security/bulletin/2020-02-01 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0005
https://notcve.org/view.php?id=CVE-2020-0005
13 Feb 2020 — In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-141552859 En la función btm_read_remote_ext_features_complete del archivo btm_acl.cc, se presenta una posible escritura fuera de límites debido a una falta de comp... • https://source.android.com/security/bulletin/2020-02-01 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 12%CPEs: 46EXPL: 9CVE-2020-0022 – Android Bluetooth Remote Denial of Service
https://notcve.org/view.php?id=CVE-2020-0022
13 Feb 2020 — In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 En la función reassemble_and_dispatch del archivo packet_fragmenter.cc, es posible una escritura fuera de límites debido a un cálculo de... • https://packetstorm.news/files/id/156891 • CWE-682: Incorrect Calculation •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0018
https://notcve.org/view.php?id=CVE-2020-0018
13 Feb 2020 — In MotionEntry::appendDescription of InputDispatcher.cpp, there is a possible log information disclosure. This could lead to local disclosure of user input with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139945049 En la función MotionEntry::appendDescription del archivo InputDispatcher.cpp, se presenta una posible divulgación de información del registro. Esto podría conllevar a una di... • https://source.android.com/security/bulletin/2020-02-01 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0017
https://notcve.org/view.php?id=CVE-2020-0017
13 Feb 2020 — In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-123232892 En varios lugares, era posible que el diccionario del usuario principal fuera visible y modificable por usuarios secundarios. Esto podría conllevar a una di... • https://source.android.com/security/bulletin/2020-02-01 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-0015
https://notcve.org/view.php?id=CVE-2020-0015
13 Feb 2020 — In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139017101 En la función onCreate del archivo CertInstaller.java, existe una manera posible de superponer el cuadro de diálogo Certificate Installation me... • https://source.android.com/security/bulletin/2020-02-01 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2020-0014
https://notcve.org/view.php?id=CVE-2020-0014
13 Feb 2020 — It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-128674520 Es posible que una aplicación maliciosa construya una ventana TYPE_TOAST manualmente y haga que esa ventana sea cliqueable. Esto podría conllevar a una escalada de... • https://github.com/tea9/CVE-2020-0014-Toast • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-19273
https://notcve.org/view.php?id=CVE-2019-19273
04 Feb 2020 — On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265. En dispositivos móviles Samsung con versiones de software O(8.0) y P(9.0) y un chipset Exynos versión 8895, RKP (también se conoce como la implementación Samsung Hypervisor EL2) permite operaciones de escritura de memoria arbitrarias. El ID de Samsung es SVE-2019-16265. • https://census-labs.com/news/2020/10/08/samsung-hypervisor-rkp-arbitrary-zero-write • CWE-787: Out-of-bounds Write •