Lucene search
K

273 matches found

NVD
NVD
added 2019/06/07 8:29 p.m.36 views

CVE-2019-2096

In EffectRelease of EffectBundle.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

7.8CVSS7.9AI score0.0017EPSS
Exploits0References1
Prion
Prion
added 2019/06/07 8:29 p.m.38 views

Hardcoded credentials

In the Bluetooth Low Energy BLE specification, there is a provided example Long Term Key LTK. If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User...

8.3CVSS8.1AI score0.00332EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2019/06/07 8:29 p.m.22 views

Type confusion

In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote code execution from a malicious proxy configuration, with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

10CVSS9.1AI score0.01334EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/06/07 8:29 p.m.17 views

Out-of-bounds

In nfarwstorendefrxbuf of nfarwact.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...

9.3CVSS7.7AI score0.00565EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/06/07 7:40 p.m.17 views

CVE-2019-2098

In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User interaction is not needed for exploitation. Product:...

7.7AI score0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/06/07 7:31 p.m.18 views

CVE-2019-2090

In isPackageDeviceAdminOnAnyUser of PackageManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product: Android...

7.6AI score0.00131EPSS
Exploits0References1
android
android
added 2019/06/01 12:0 a.m.41 views

CVE-2019-2097

In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote code execution from a malicious proxy configuration, with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

10CVSS7AI score0.01334EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2019/05/08 5:29 p.m.21 views

CVE-2019-2053

In wnmparseneighborreportelem of wnmsta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

5.5CVSS5.1AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2019/05/08 5:29 p.m.16 views

CVE-2019-2051

In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...

7.8CVSS7.1AI score0.01023EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/05/08 5:29 p.m.41 views

CVE-2019-2053

In wnmparseneighborreportelem of wnmsta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

5.5CVSS6.6AI score0.00171EPSS
Exploits0References2
Prion
Prion
added 2019/05/08 5:29 p.m.11 views

Type confusion

In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1...

7.8CVSS7AI score0.01023EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/08 5:29 p.m.14 views

Out-of-bounds

In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

10CVSS9.1AI score0.01362EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/08 5:29 p.m.19 views

Out-of-bounds

In wnmparseneighborreportelem of wnmsta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

4.9CVSS5AI score0.00171EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/08 5:29 p.m.15 views

Out-of-bounds

In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...

7.8CVSS7.1AI score0.01023EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/05/08 5:29 p.m.19 views

CVE-2019-2043

In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User...

7.3CVSS7.3AI score0.00178EPSS
Exploits0References2
Prion
Prion
added 2019/05/08 5:29 p.m.23 views

Out-of-bounds

In MakeMPG4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product:...

9.3CVSS8.6AI score0.01153EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/08 5:29 p.m.16 views

Type confusion

In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

10CVSS9.1AI score0.01362EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/08 5:29 p.m.18 views

Privilege escalation

In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User...

6.9CVSS7.2AI score0.00178EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2019/05/08 5:29 p.m.18 views

Integer overflow

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

10CVSS9.1AI score0.01334EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/05/08 5:29 p.m.23 views

CVE-2019-2046

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

10CVSS9.3AI score0.01334EPSS
Exploits0References1
Rows per page
Query Builder