National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 131,091 matching records.
Displaying matches 261 through 280.
Vuln ID Summary CVSS Severity
CVE-2020-3725

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-3724

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-3723

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-3722

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-3721

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-3720

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-0030

In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 7.0 HIGH
    V2: 6.9 MEDIUM
CVE-2020-0028

In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-122652057

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 6.5 MEDIUM
    V2: 7.1 HIGH
CVE-2020-0027

In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144040966

Published: February 13, 2020; 10:15:12 AM -05:00
V3.1: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2020-0026

In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-140419401

Published: February 13, 2020; 10:15:11 AM -05:00
V3.1: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2020-0023

In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious app enables contacts over a bluetooth connection, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145130871

Published: February 13, 2020; 10:15:11 AM -05:00
(not available)
CVE-2020-0022

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715

Published: February 13, 2020; 10:15:11 AM -05:00
V3.1: 8.8 HIGH
    V2: 8.3 HIGH
CVE-2020-0021

In removeUnusedPackagesLPw of PackageManagerService.java, there is a possible permanent denial-of-service due to a missing package dependency test. This could lead to remote denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141413692

Published: February 13, 2020; 10:15:11 AM -05:00
V3.1: 6.5 MEDIUM
    V2: 6.8 MEDIUM
CVE-2020-0020

In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143118731

Published: February 13, 2020; 10:15:11 AM -05:00
V3.1: 5.5 MEDIUM
    V2: 4.9 MEDIUM
CVE-2020-0018

In MotionEntry::appendDescription of InputDispatcher.cpp, there is a possible log information disclosure. This could lead to local disclosure of user input with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139945049

Published: February 13, 2020; 10:15:11 AM -05:00
V3.1: 4.4 MEDIUM
    V2: 2.1 LOW
CVE-2020-0017

In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-123232892

Published: February 13, 2020; 10:15:11 AM -05:00
(not available)
CVE-2020-0015

In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139017101

Published: February 13, 2020; 10:15:11 AM -05:00
(not available)
CVE-2020-0014

It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-128674520

Published: February 13, 2020; 10:15:11 AM -05:00
(not available)
CVE-2020-0005

In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-141552859

Published: February 13, 2020; 10:15:11 AM -05:00
V3.1: 6.7 MEDIUM
    V2: 7.2 HIGH
CVE-2019-2200

In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-67319274

Published: February 13, 2020; 10:15:11 AM -05:00
V3.1: 7.3 HIGH
    V2: 6.9 MEDIUM