Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Android
Total 7791 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6381 6 Debian, Fedoraproject, Google and 3 more 11 Debian Linux, Fedora, Android and 8 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15995 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15980 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Android and 2 more 2023-11-07 4.6 MEDIUM 7.8 HIGH
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
CVE-2020-15978 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Android and 2 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
CVE-2020-15976 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Android and 2 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-0499 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Android 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156076070
CVE-2020-0452 2 Fedoraproject, Google 2 Fedora, Android 2023-11-07 7.5 HIGH 9.8 CRITICAL
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731
CVE-2020-0198 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 5.0 MEDIUM 7.5 HIGH
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941
CVE-2020-0181 3 Fedoraproject, Google, Libexif Project 3 Fedora, Android, Libexif 2023-11-07 5.0 MEDIUM 7.5 HIGH
In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145075076
CVE-2020-0081 2 Fedoraproject, Google 2 Fedora, Android 2023-11-07 7.2 HIGH 7.8 HIGH
In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144028297
CVE-2020-0028 1 Google 1 Android 2023-11-07 7.1 HIGH 6.5 MEDIUM
In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-122652057
CVE-2019-9433 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354
CVE-2019-9371 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 7.1 HIGH 6.5 MEDIUM
In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254
CVE-2019-9325 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302
CVE-2019-9278 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774
CVE-2019-9232 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-11-07 5.0 MEDIUM 7.5 HIGH
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483
CVE-2019-5833 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Android and 3 more 2023-11-07 4.3 MEDIUM 4.3 MEDIUM
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
CVE-2019-5816 3 Fedoraproject, Google, Opensuse 5 Fedora, Android, Chrome and 2 more 2023-11-07 6.8 MEDIUM 8.8 HIGH
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
CVE-2019-5767 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Android and 4 more 2023-11-07 4.3 MEDIUM 6.5 MEDIUM
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.
CVE-2019-5765 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Android and 4 more 2023-11-07 4.3 MEDIUM 5.5 MEDIUM
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.