Medium
CVE-2020-0304
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not neede…
Tag: Android OS
All CVEs associated with "Android OS". Page 25/76 • 9114 CVEs.
Subscribe CVEs: RSS for “Android OS” · RSS (High+Critical only)
About “Android OS”
A curated feed of “Android OS”-related CVEs appears below. We currently track 9114 CVEs for this tag (all time). In the last 365 days, 360 were published. Average CVSS is 6.8 (all time; 6.1 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-926 - Improper Export of Android Application Components, CWE-451 - User Interface (UI) Misrepresentation of Critical Information, CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.
In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2020-09-18
Medium
CVE-2020-0302
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not neede…
High
CVE-2020-0300
In NFC, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not need…
High
CVE-2020-0299
In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User…
High
CVE-2020-0298
In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges need…
Medium
CVE-2020-0295
In Telecom, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed…
Medium
CVE-2020-0294
In bindWallpaperComponentLocked of WallpaperManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execu…
Medium
CVE-2020-0292
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges and a compromised Firmware needed.…
Medium
CVE-2020-0291
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges and a compromised Firmware needed.…
High
CVE-2020-0286
In Bluetooth AVRCP, there is a possible leak of audio metadata due to residual data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0285
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0284
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0282
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interactio…
Medium
CVE-2020-0281
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interactio…
Medium
CVE-2020-0276
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction…
High
CVE-2020-0273
In hwservicemanager, there is a possible out of bounds write due to freeing a wild pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User inter…
Medium
CVE-2020-0272
In libhwbinder, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges required. User interaction is no…
High
CVE-2020-0271
In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploita…
Medium
CVE-2020-0269
In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction…
Medium
CVE-2020-0268
In NFC, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi…
Medium
CVE-2020-0265
In Telephony, there are possible leaks of sensitive data due to missing permission checks. This could lead to local information disclosure with no additional execution privileges needed. User interac…
Medium
CVE-2020-0263
In the Accessibility service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interac…
High
CVE-2020-5976
NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component tr…
Critical
CVE-2020-0354
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not n…
Medium
CVE-2020-0318
In the System UI, there is a possible system crash due to an uncaught exception. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction…
High
CVE-2020-0262
In WiFi tethering, there is a possible attacker controlled intent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interact…
High
CVE-2020-0089
In the audio server, there is a missing permission check. This could lead to local escalation of privilege regarding audio settings with no additional execution privileges needed. User interaction is…
Medium
CVE-2020-5629
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via a malicious App created by the third party. As a result, if the access dest…
Medium
CVE-2020-5628
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a result, if the access destination is a malicious w…
2020-09-17
Medium
CVE-2020-0426
In SyncManager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0425
There is a possible way to view notifications even when the "Lockdown" feature is on. This could lead to local information disclosure with no additional execution privileges needed. User interaction…
High
CVE-2020-0406
In libmpeg2dec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if another exploit allowed this to be triggered with different…
High
CVE-2020-0375
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege and the setting of supported EUICC countries with no additional…
High
CVE-2020-0374
In NFC, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed fo…
Medium
CVE-2020-0373
In SoundTriggerHwService, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interact…
Medium
CVE-2020-0372
In ActivityManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. Use…
Medium
CVE-2020-0370
In libAACdec, there is a possible out of bounds read due to missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is…
High
CVE-2020-0369
In libavb, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…
High
CVE-2020-0366
In PackageInstaller, there is a possible permissions bypass due to a tapjacking vulnerability. This could lead to local escalation of privilege using an app set as the default Assist app with User ex…
Medium
CVE-2020-0364
In libDRCdec, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i…
Medium
CVE-2020-0363
In libmedia, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is…
Medium
CVE-2020-0362
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interacti…
Medium
CVE-2020-0361
In libDRCdec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i…
High
CVE-2020-0360
In Notification Access Confirmation, there is a possible permissions bypass due to uninformed consent. This could lead to local escalation of privilege with User execution privileges needed. User int…
Medium
CVE-2020-0359
In GLESRenderEngine, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0358
In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
High
CVE-2020-0357
In SurfaceFlinger, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed.…
Medium
CVE-2020-0356
In the Audio HAL, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction…
Medium
CVE-2020-0355
In libFraunhoferAAC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User intera…
Medium
CVE-2020-0353
In libmp4extractor, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0352
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not…
Medium
CVE-2020-0351
In libstagefright, there is possible CPU exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is n…
High
CVE-2020-0346
In Mediaserver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if integer sanitization were not enabled (which it is by default),…
High
CVE-2020-0345
In DocumentsUI, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ne…
Medium
CVE-2020-0344
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not…
Medium
CVE-2020-0343
In NetworkStatsService, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.…
High
CVE-2020-0341
In DisplayManager, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User inter…
Medium
CVE-2020-0340
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User i…
Medium
CVE-2020-0338
In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is need…
Medium
CVE-2020-0337
In MediaProvider, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local information disclosure, with User execution privileges needed. User interaction…
Medium
CVE-2020-0336
In SurfaceFlinger, there is possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
Critical
CVE-2020-0333
In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploi…
Medium
CVE-2020-0332
In libstagefright, there is a possible dead loop due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed f…
Medium
CVE-2020-0330
In iorap, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege and code execution with System execution privileges needed. User interaction…
Medium
CVE-2020-0329
In the OMX encoder, there is a possible out of bounds read due to invalid input validation. This could lead to local information disclosure with no additional execution privileges needed. User intera…
Medium
CVE-2020-0328
In the camera, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not need…
Medium
CVE-2020-0324
In libsonivox, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0323
In libavb, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is no…
Medium
CVE-2020-0322
In apexd, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed…
High
CVE-2020-0321
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is n…
Medium
CVE-2020-0320
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interacti…
Medium
CVE-2020-0317
In UsageStatsManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. U…
Medium
CVE-2020-0314
In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not ne…
Medium
CVE-2020-0312
In Battery Saver, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not…
Medium
CVE-2020-0308
In Window Manager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not…
High
CVE-2020-0306
In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed.…
High
CVE-2020-0303
In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. Use…
Medium
CVE-2020-0301
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interacti…
Medium
CVE-2020-0297
In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction…
Medium
CVE-2020-0296
In ADB server and USB server, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interac…
Medium
CVE-2020-0293
In Java network APIs, there is possible access to sensitive network state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges ne…
Medium
CVE-2020-0290
In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for…
Medium
CVE-2020-0289
In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for…
Medium
CVE-2020-0288
In PackageManager, there is a missing permission check. This could lead to local information disclosure across user boundaries with no additional execution privileges needed. User interaction is not…
Medium
CVE-2020-0287
In libmkvextractor, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction…
Medium
CVE-2020-0279
In the AAC parser, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interact…
High
CVE-2020-0277
In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the devic…
High
CVE-2020-0275
In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. This could lead to local escalation of privile…
Medium
CVE-2020-0274
In the OMX parser, there is a possible information disclosure due to a returned raw pointer. This could lead to local information disclosure with no additional execution privileges needed. User inter…
Medium
CVE-2020-0270
In tremolo, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is…
High
CVE-2020-0267
In WindowManager, there is a possible launch of an unexpected app due to a confused deputy. This could lead to local escalation of privilege due to launching a malicious app instead of the one the us…
High
CVE-2020-0266
In factory reset protection, there is a possible FRP bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User in…
High
CVE-2020-0264
In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is nee…
High
CVE-2020-0130
In screencap, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege in a system process with User execution privileges needed. User…
Medium
CVE-2020-0125
In mediadrm, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is…
High
CVE-2020-0434
In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. Us…
High
CVE-2020-0433
In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges nee…
High
CVE-2020-0432
In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. U…
Medium
CVE-2020-0431
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. U…
High
CVE-2020-0430
In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges ne…
Medium
CVE-2020-0429
In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privil…
Medium
CVE-2020-0428
In CamX code, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges required. User interaction is not needed fo…
Medium
CVE-2020-0427
In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User inter…
Medium
CVE-2020-0403
In the FPC TrustZone fingerprint App, there is a possible invalid command handler due to an exposed test feature. This could lead to local escalation of privilege in the TEE, with System execution pr…
High
CVE-2020-0387
In manifest files of the SmartSpace package, there is a possible tapjacking vector due to a missing permission check. This could lead to local escalation of privilege and account hijacking with no ad…
Medium
CVE-2020-0407
In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are…
Medium
CVE-2020-0404
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional e…
High
CVE-2020-0401
In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional ex…
Medium
CVE-2020-0399
In showLimitedSimFunctionWarningNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User e…
Medium
CVE-2020-0397
In getNotificationBuilder of CarrierServiceStateTracker.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution…
Medium
CVE-2020-0396
In various places in Telephony, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User inter…
Medium
CVE-2020-0395
In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution pri…
High
CVE-2020-0394
In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing co…
Medium
CVE-2020-0393
In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution priv…
High
CVE-2020-0392
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. U…
High
CVE-2020-0391
In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with n…
Medium
CVE-2020-0390
In the app zygote SE Policy, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…
Medium
CVE-2020-0389
In createSaveNotification of RecordingService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privilege…
High
CVE-2020-0388
In createEmergencyLocationUserNotification of GnssVisibilityControl.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privileg…
Medium
CVE-2020-0386
In onCreate of RequestPermissionActivity.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege allowing an attacker to set Blu…