Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-27050 |
In rw_i93_send_cmd_write_multi_blocks of rw_i93.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157650365 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-27049 |
In rw_t3t_send_raw_frame of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649467 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-27048 |
In RW_SendRawFrame of rw_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157650117 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-27047 |
In ce_t4t_update_binary of ce_t4t.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649298 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-27046 |
In nfc_ncif_proc_ee_action of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649306 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27045 |
In CE_SendRawFrame of ce_main.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649398 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-27044 |
In restartWrite of Parcel.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157066561 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2020-27043 |
In nfc_enabled of nfc_main.cc, there is a possible out of bounds read due to an incorrect increment. This could lead to local information disclosure via firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155234594 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27041 |
In showProvisioningNotification of ConnectivityService.java, there is an unsafe PendingIntent. This could lead to local information disclosure of notification data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154928507 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27040 |
In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731880 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27039 |
In postNotification of ServiceRecord.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153878498 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27038 |
In process of C2SoftVorbisDec.cpp, there is a possible resource exhaustion due to a memory leak. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154302257 Published: December 15, 2020; 12:15:13 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-27037 |
In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731335 Published: December 15, 2020; 12:15:12 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27036 |
In phNxpNciHal_send_ext_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731369 Published: December 15, 2020; 12:15:12 PM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2020-27035 |
In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-152239213 Published: December 15, 2020; 11:15:15 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27034 |
In createSimSelectNotification of SimSelectNotification.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153556754 Published: December 15, 2020; 11:15:15 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27033 |
In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153655153 Published: December 15, 2020; 11:15:15 AM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27032 |
In getRadioAccessFamily of PhoneInterfaceManager.java, there is a possible read of privileged data due to a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150857259 Published: December 15, 2020; 11:15:15 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27031 |
In nfc_data_event of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151313205 Published: December 15, 2020; 11:15:15 AM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2020-27030 |
In onCreate of HandleApiCalls.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege that allows an app to set or dismiss the alarm with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150612638 Published: December 15, 2020; 11:15:15 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |