Export limit exceeded: 335034 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3411 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-0305 | 3 Google, Opensuse, Redhat | 3 Android, Leap, Enterprise Linux | 2024-11-21 | 6.4 Medium |
| In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744 | ||||
| CVE-2020-0268 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In NFC, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148294643 | ||||
| CVE-2020-0238 | 1 Google | 1 Android | 2024-11-21 | 7.0 High |
| In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. This could lead to local escalation of privilege and launching privileged activities with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-150946634 | ||||
| CVE-2020-0218 | 1 Google | 1 Android | 2024-11-21 | 7.0 High |
| In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005905 | ||||
| CVE-2020-0204 | 1 Google | 1 Android | 2024-11-21 | 7.0 High |
| In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege by allowing a bypass of the initial zip file signature check for an OS update with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136498130 | ||||
| CVE-2020-0199 | 1 Google | 1 Android | 2024-11-21 | 4.1 Medium |
| In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142142406 | ||||
| CVE-2020-0141 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition. This could lead to remote information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142544793 | ||||
| CVE-2020-0126 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930 | ||||
| CVE-2020-0066 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In the netlink driver, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-65025077 | ||||
| CVE-2020-0045 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In StatsService::command of StatsService.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141243101 | ||||
| CVE-2020-0030 | 1 Google | 1 Android | 2024-11-21 | 7.0 High |
| In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel | ||||
| CVE-2020-0008 | 1 Google | 1 Android | 2024-11-21 | 4.7 Medium |
| In LowEnergyClient::MtuChangedCallback of low_energy_client.cc, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-142558228 | ||||
| CVE-2020-0003 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of-check time-of-use vulnerability. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-140195904 | ||||
| CVE-2019-9821 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A |
| A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox < 67. | ||||
| CVE-2019-9818 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-11-21 | 8.3 High |
| A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | ||||
| CVE-2019-9710 | 1 Webargs Project | 1 Webargs | 2024-11-21 | N/A |
| An issue was discovered in webargs before 5.1.3, as used with marshmallow and other products. JSON parsing uses a short-lived cache to store the parsed JSON body. This cache is not thread-safe, meaning that incorrect JSON payloads could have been parsed for concurrent requests. | ||||
| CVE-2019-9486 | 3 Ionos, Strato, Telekom | 3 1\&1 Online Storage, Hidrive Desktop Client, Magentacloud | 2024-11-21 | N/A |
| STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. An attacker can inject and execute code by hijacking the insecure communications with the service. This vulnerability also affects Telekom MagentaCLOUD through 5.7.0.0 and 1&1 Online Storage through 6.1.0.0. | ||||
| CVE-2019-9458 | 3 Google, Opensuse, Redhat | 4 Android, Leap, Enterprise Linux and 1 more | 2024-11-21 | 7.0 High |
| In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9450 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2019-9375 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In hostapd, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129344244 | ||||