Lucene search
K

203 matches found

OSV
OSV
added 2019/07/08 6:15 p.m.3 views

CVE-2019-2116

In saveattrseq of sdpdiscovery.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0...

7.5CVSS7.2AI score0.00818EPSS
Exploits0References1
OSV
OSV
added 2019/07/08 6:15 p.m.6 views

UBUNTU-CVE-2019-2109

In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

8.8CVSS6.4AI score0.01199EPSS
Exploits0References3
OSV
OSV
added 2019/06/19 9:15 p.m.4 views

CVE-2018-9563

In llcputilparsecc of llcputil.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1...

6.5CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2019/06/19 9:15 p.m.5 views

CVE-2019-2003

In addLinks of Linkify.java, there is a possible phishing vector due to an unusual root cause. This could lead to remote code execution or misdirection of clicks with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

8.8CVSS7.8AI score0.0137EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 9:15 p.m.3 views

CVE-2019-2022

In rwt3tacthandlefmtrsp and rwt3tacthandlesrorsp of rwt3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

6.5CVSS6.8AI score0.00779EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 9:15 p.m.5 views

CVE-2019-2019

In cet4tdatacback of cet4t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1...

6.5CVSS6.8AI score0.00879EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 9:15 p.m.4 views

CVE-2018-9564

In llcputilparselinkparams of llcputil.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

6.5CVSS5.9AI score0.00758EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 8:15 p.m.7 views

CVE-2019-2010

In phNxpNciHalprocessextrsp of phNxpNciHalext.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS7.2AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 8:15 p.m.2 views

CVE-2019-2012

In rwt3tacthandlefmtrsp of rwt3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1...

8.8CVSS7.4AI score0.00796EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 8:15 p.m.2 views

CVE-2019-2015

In rwt3tacthandlecheckrsp of rwt3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

8.8CVSS7.4AI score0.00796EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 8:15 p.m.2 views

CVE-2019-1989

In ih264dfmtconv420spto420p of ih264dformatconv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

8.8CVSS7.8AI score0.0137EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 8:15 p.m.4 views

CVE-2019-1990

In ihevcdfmtconv420spto420p of ihevcdfmtconv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

8.8CVSS7.8AI score0.0137EPSS
Exploits0References1
OSV
OSV
added 2019/06/19 8:15 p.m.5 views

CVE-2019-2004

In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal of InputTransport.cpp, there are uninitialized data leading to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0...

5.5CVSS6.5AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2019/06/07 8:29 p.m.3 views

CVE-2019-2094

In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...

7.8CVSS7.6AI score0.01092EPSS
Exploits0References1
OSV
OSV
added 2019/06/07 8:29 p.m.3 views

CVE-2019-2092

In isSeparateProfileChallengeAllowed of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product:...

7.8CVSS7.1AI score0.00153EPSS
Exploits0References1
OSV
OSV
added 2019/06/07 8:29 p.m.3 views

CVE-2019-2102

In the Bluetooth Low Energy BLE specification, there is a provided example Long Term Key LTK. If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User...

8.8CVSS7.3AI score0.00332EPSS
Exploits0References4
CNVD
CNVD
added 2019/06/05 12:0 a.m.3 views

Google Android System Elevation of Privilege Vulnerability (CNVD-2019-23100)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the System component of Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. No details of the vulnerability are provided at this...

9.3CVSS7.2AI score0.00565EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/05 12:0 a.m.2 views

Google Android Media framework elevation of privilege vulnerability (CNVD-2019-23118)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the Media framework component in Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. An attacker can exploit this vulnerability to...

7.8CVSS7.5AI score0.0017EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/05 12:0 a.m.2 views

Google Android System Elevation of Privilege Vulnerability (CNVD-2019-23099)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the System component of Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. An attacker can exploit the vulnerability to potential...

7.8CVSS7.1AI score0.00153EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/05 12:0 a.m.4 views

Google Android Framework elevation of privilege vulnerability (CNVD-2019-23120)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the Framework component of Google Android 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. An attacker can exploit the vulnerability to cause a...

7.8CVSS7.1AI score0.00153EPSS
Exploits0References1
Rows per page
Query Builder