QSearchQSearch

CVE-2020-0415

5.5 MEDIUM

In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent

Published: 2020-10-14 · Last updated: 2026-06-18

Severity and scoring

CVSS
5.5 MEDIUM
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

VendorProduct
googleandroid

Description

In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-156020795

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-12035 Use after free in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corrupt... (8.8 HIGH)
  • CVE-2026-12034 Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote at... (8.3 HIGH)
  • CVE-2026-12033 Out of bounds read in VideoCapture in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the GPU process... (5.3 MEDIUM)
  • CVE-2026-12032 Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromis... (3.1 LOW)
  • CVE-2026-12031 Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised t... (8.3 HIGH)