CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2020-0173 In Parse_lins of eas_mdls.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User in... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0174 In Parse_ptbl of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User inter... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0175 In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User i... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0176 In avdt_msg_prs_rej of avdt_msg.cc, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges ne... | 7.5 | HIGH | — | 0 |
| CVE-2020-0177 In connect() of PanService.java, there is a possible permissions bypass. This could lead to local escalation of privilege to change network connection settings with no additional execution privileges ... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0178 In getAllConfigFlags of SettingsProvider.cpp, there is a possible illegal read due to a missing permission check. This could lead to local information disclosure of config flags with no additional exe... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0179 In doSendObjectInfo of MtpServer.cpp, there is a possible path traversal attack due to insufficient input validation. This could lead to local escalation of privilege with no additional execution priv... | 7.8 | HIGH | — | 0 |
| CVE-2020-0180 In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privile... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0181 In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges n... | 7.5 | HIGH | — | 0 |
| CVE-2020-0182 In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges n... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0183 In handleMessage of BluetoothManagerService, there is an incomplete reset. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed f... | 7.8 | HIGH | — | 0 |
| CVE-2020-0184 In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinite loop due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. ... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0185 In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privile... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0186 In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User in... | 6.7 | MEDIUM | — | 0 |
| CVE-2020-0187 In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison. This could lead to local information disclosure with no addition... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0188 In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution pr... | 7.8 | HIGH | — | 0 |
| CVE-2020-0189 In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User i... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0190 In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. U... | 8.8 | HIGH | — | 0 |
| CVE-2020-0191 In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a possible out of bounds read due to a logic error. This could lead to remote information disclosure with no additional execution pr... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0192 In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additio... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0193 In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclos... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0194 In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution p... | 8.8 | HIGH | — | 0 |
| CVE-2020-0195 In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions, there is a possible information disclosure due to uninitialized data. This could lead to remote information... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0196 In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth s... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0197 In InitDataParser::parsePssh of InitDataParser.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution p... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0198 In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. U... | 7.5 | HIGH | — | 0 |
| CVE-2020-0199 In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges... | 4.1 | MEDIUM | — | 0 |
| CVE-2020-0200 In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional ... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0201 In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy. This could lead to remote escalation of privilege with no additional execution privileg... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-0202 In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation... | 7.8 | HIGH | — | 0 |
| CVE-2020-0203 In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup. This could lead to local escalation of privilege between constrained processes with no additional e... | 7.8 | HIGH | — | 0 |
| CVE-2020-0204 In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege by allowing a bypass of... | 7.0 | HIGH | — | 0 |
| CVE-2020-0205 In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0206 In the settings app, there is a possible app crash due to improper input validation. This could lead to local denial of service of the Settings app with User execution privileges needed. User interact... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0207 In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. ... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0208 In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ... | 7.8 | HIGH | — | 0 |
| CVE-2020-0209 In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ... | 7.8 | HIGH | — | 0 |
| CVE-2020-0210 In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed... | 7.8 | HIGH | — | 0 |
| CVE-2020-0211 In SumCompoundHorizontalTaps of convolve_neon.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution pr... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0212 In _onBufferDestroyed of InputBufferManager.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privilege... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0213 In hevcd_fmt_conv_420sp_to_420sp_av8 of ihevcd_fmt_conv_420sp_to_420sp.s, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with n... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-0214 In ce_t4t_process_select_file_cmd of ce_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution p... | 7.5 | HIGH | — | 0 |
| CVE-2020-0215 In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege that exposes a pairing Bluet... | 7.8 | HIGH | — | 0 |
| CVE-2020-0216 In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution pr... | 7.8 | HIGH | — | 0 |
| CVE-2020-0217 In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. Use... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-0218 In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional... | 7.0 | HIGH | — | 0 |
| CVE-2020-0219 In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is no... | 7.8 | HIGH | — | 0 |
| CVE-2020-0233 In main of main.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n... | 7.8 | HIGH | — | 0 |
| CVE-2020-11613 Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group ... | 7.8 | HIGH | — | 0 |
| CVE-2020-11614 Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after... | 8.1 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.