CWE:
 

Sorry. No results for Bugtraq WLB2


CVEMAP Search Results

CVE
Details
Description
2020-12-31
Medium
CVE-2020-12658

Vendor: Gssproxy project
Software: Gssproxy
 

 
** DISPUTED ** gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex before pthread exit in gp_worker_main() in gp_workers.c. NOTE: An upstream comment states "We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional information provided us (as upstream) to indicate why this would be a problem."

 
2020-12-15
Low
CVE-2020-27035

Vendor: Google
Software: Android
 

 
In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-152239213

 
2020-12-09
Medium
CVE-2020-29661

Vendor: Linux
Software: Linux kernel
 

 
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

 
Medium
CVE-2020-29660

Vendor: Linux
Software: Linux kernel
 

 
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

 
2020-10-16
Low
CVE-2020-9959

Vendor: Apple
Software: Ipad os
 

 
A lock screen issue allowed access to messages on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 14.0 and iPadOS 14.0. A person with physical access to an iOS device may be able to view notification contents from the lockscreen.

 
Medium
CVE-2020-9946

Vendor: Apple
Software: Ipad os
 

 
This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watchOS 7.0. The screen lock may not engage after the specified time period.

 
2020-10-14
Medium
CVE-2020-0423

Vendor: Google
Software: Android
 

 
In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-161151868References: N/A

 
Medium
CVE-2020-0420

Vendor: Google
Software: Android
 

 
In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162383705

 
2020-10-01
Low
CVE-2020-15668

Vendor: Mozilla
Software: Firefox
 

 
A lock was missing when accessing a data structure and importing certificate information into the trust database. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

 
2020-09-17
Medium
CVE-2020-0357

Vendor: Google
Software: Android
 

 
In SurfaceFlinger, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150225569

 

 


Copyright 2021, cxsecurity.com

 

Back to Top