Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2020-0428 In CamX code, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges required. User interaction is not needed for... | 6.4 | MEDIUM | β | 0 |
| CVE-2020-0429 In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privile... | 6.7 | MEDIUM | β | 0 |
| CVE-2020-0430 In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges nee... | 7.8 | HIGH | β | 0 |
| CVE-2020-0431 In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Us... | 6.7 | MEDIUM | β | 0 |
| CVE-2020-0277 In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device... | 7.8 | HIGH | β | 0 |
| CVE-2020-0432 In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. Us... | 7.8 | HIGH | β | 0 |
| CVE-2020-0433 In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges need... | 7.8 | HIGH | β | 0 |
| CVE-2020-0434 In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. Use... | 7.8 | HIGH | β | 0 |
| CVE-2020-24750 FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. | 8.1 | HIGH | β | 0 |
| CVE-2020-25215 yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25216 yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11295 Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT... | 6.8 | MEDIUM | β | 0 |
| CVE-2020-13260 A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remai... | 6.1 | MEDIUM | β | 0 |
| CVE-2020-15182 The SOY Inquiry component of SOY CMS is affected by Cross-site Request Forgery (CSRF) and Remote Code Execution (RCE). The vulnerability affects versions 2.0.0.3 and earlier of SOY Inquiry. This allow... | 8.4 | HIGH | β | 0 |
| CVE-2020-15183 SoyCMS 3.0.2 and earlier is affected by Reflected Cross-Site Scripting (XSS) which leads to Remote Code Execution (RCE) from a known vulnerability. This allows remote attackers to force the administra... | 8.4 | HIGH | β | 0 |
| CVE-2020-0125 In mediadrm, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is n... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0130 In screencap, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege in a system process with User execution privileges needed. User i... | 7.8 | HIGH | β | 0 |
| CVE-2020-0264 In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is need... | 8.8 | HIGH | β | 0 |
| CVE-2020-0293 In Java network APIs, there is possible access to sensitive network state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges nee... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0296 In ADB server and USB server, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interact... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0297 In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction i... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0301 In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interactio... | 6.5 | MEDIUM | β | 0 |
| CVE-2020-0303 In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User... | 8.8 | HIGH | β | 0 |
| CVE-2020-0306 In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed. ... | 7.8 | HIGH | β | 0 |
| CVE-2020-0308 In Window Manager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not ... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0312 In Battery Saver, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not n... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0314 In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not nee... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0317 In UsageStatsManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. Us... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0320 In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interactio... | 6.5 | MEDIUM | β | 0 |
| CVE-2020-0321 In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is ne... | 8.8 | HIGH | β | 0 |
| CVE-2020-0322 In apexd, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed ... | 4.4 | MEDIUM | β | 0 |
| CVE-2020-0323 In libavb, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0324 In libsonivox, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i... | 6.5 | MEDIUM | β | 0 |
| CVE-2020-0328 In the camera, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not neede... | 4.4 | MEDIUM | β | 0 |
| CVE-2020-17110 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2020-0329 In the OMX encoder, there is a possible out of bounds read due to invalid input validation. This could lead to local information disclosure with no additional execution privileges needed. User interac... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0330 In iorap, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege and code execution with System execution privileges needed. User interaction i... | 6.7 | MEDIUM | β | 0 |
| CVE-2020-0332 In libstagefright, there is a possible dead loop due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed fo... | 6.5 | MEDIUM | β | 0 |
| CVE-2020-0333 In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploit... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-0336 In SurfaceFlinger, there is possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed f... | 6.7 | MEDIUM | β | 0 |
| CVE-2020-0337 In MediaProvider, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local information disclosure, with User execution privileges needed. User interaction i... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0338 In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is neede... | 5.0 | MEDIUM | β | 0 |
| CVE-2020-0340 In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User in... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27990 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFi... | 8.1 | HIGH | β | 0 |
| CVE-2020-0341 In DisplayManager, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User intera... | 7.8 | HIGH | β | 0 |
| CVE-2020-0343 In NetworkStatsService, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. ... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0344 In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not n... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-0345 In DocumentsUI, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is nee... | 7.8 | HIGH | β | 0 |
| CVE-2020-0346 In Mediaserver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if integer sanitization were not enabled (which it is by default), ... | 7.8 | HIGH | β | 0 |
| CVE-2020-0351 In libstagefright, there is possible CPU exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is ne... | 6.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.