321 matches found
EUVD-2017-0759
Malware in sbrugna...
EUVD-2017-0827
Malware in sbrugna...
EUVD-2017-1234
Malware in sbrugna...
EUVD-2017-0851
Malware in sbrugna...
EUVD-2017-4703
Malware in sbrugna...
EUVD-2019-11826
Malware in sbrugna...
ZTE Blade Vantage Z839 Emode.APK android.uid.system Privilege Escalation
ZTE Blade Vantage Z839 Emode.APK android.uid.system LPE exploit =============================================================== ZTE Blade Vantage Z839 Android handsets running 7.1.1 contain an engineering mode that utilizes "Android Secret Codes" for accessing hidden engineering functionality. Su...
Integer overflow
In nfcncifdecoderfparams of nfcncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1...
Out-of-bounds
In VlcDequantH263IntraBlockSH of vlcdequant.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1...
CVE-2019-2187
In nfcncifdecoderfparams of nfcncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1...
CVE-2019-2184
CVE-2019-2184 affects Android’s Media framework, specifically PV_DecodePredictedIntraDC in dec_pred_intra_dc.cpp. The issue is an out-of-bounds write caused by a missing bounds check, leading to remote code execution with no special privileges required. Exploitation is described as requiring user...
CVE-2019-2173
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Google Android System Component Multiple Security Vulnerabilities
Description Google Android is prone to multiple security vulnerabilities. An attacker can leverage these issues to gain access to sensitive information or elevated privileges. These issues are being tracked by Android IDs A-123700348, A-124940143 Technologies Affected Google Android 10.0 Google...
CVE-2019-2115
In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-2124
In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure...
Code injection
In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...
CVE-2019-2124
CVE-2019-2124 affects Android 7.1.1–9 in ComposeActivityEmailExternal.py (ComposeActivityEmailExternal.java). A confused deputy could silently attach files to an email, enabling local information disclosure. Affected: Android 7.1.1, 7.1.2, 8.0, 8.1, 9. Exploitation: local. Remediation: apply patc...
CVE-2019-2136
In Status::readFromParcel of Status.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7....
CVE-2019-2125
In ChangeDefaultDialerDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User interaction is needed for...
CVE-2019-2129
In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...