Lucene search
+L

3079 matches found

CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2060

CVE-2019-2060 affects the Android 10 libxaac library, with a potential out-of-bounds read due to a missing bounds check that could lead to information disclosure. Exploitation requires user interaction. Affected product/version: Android 10; Android ID A-112709994. CVSS data from NVD indicates a b...

6.5CVSS6.4AI score0.00583EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/09/27 6:5 p.m.46 views

CVE-2019-2069

CVE-2019-2069 affects Android 10 via a vulnerability in libxaac caused by a missing bounds check, leading to an out-of-bounds write that could cause remote code execution. The description states user interaction is required for exploitation. Connected documentation confirms the issue exists in li...

8.8CVSS9AI score0.00714EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/27 6:5 p.m.21 views

CVE-2019-2060

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112709994...

6.5AI score0.00583EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/09/27 6:5 p.m.13 views

CVE-2019-2069

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864...

9.1AI score0.00714EPSS
Exploits0References1
CVE
CVE
added 2019/09/27 6:5 p.m.44 views

CVE-2019-2068

CVE-2019-2068 affects Android 10 via libxaac, where an out-of-bounds write due to a missing bounds check could enable remote code execution. Exploitation requires user interaction; the CVSS data indicates network access as a potential vector (NVD) and high impact (RCE) per Android bulletin. Remed...

8.8CVSS9AI score0.00714EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/09/27 6:5 p.m.47 views

CVE-2019-2055

CVE-2019-2055 affects Android 10 via the libxaac library, where an out-of-bounds write due to a missing bounds check enables remote code execution with the attacker needing no privileges and requiring user interaction. The issue is documented across multiple feeds (NVD, RH, CNVD) and is associate...

8.8CVSS9AI score0.00714EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/27 6:5 p.m.14 views

CVE-2019-2055

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113164693...

9.1AI score0.00714EPSS
Exploits0References1
CVE
CVE
added 2019/09/27 6:5 p.m.65 views

CVE-2019-2067

CVE-2019-2067 affects libxaac in Android 10, where a missing bounds check allows an out-of-bounds write leading to remote code execution. Exploitation is network-scoped with user interaction required for exploitation (per CVE details). Root cause: bounds-check omission in libxaac. Affected produc...

8.8CVSS9AI score0.00714EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/09/05 10:15 p.m.18 views

CVE-2019-9254

In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS8AI score0.00423EPSS
Exploits0References1
OSV
OSV
added 2019/09/05 10:15 p.m.4 views

CVE-2019-9254

In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.2AI score0.00423EPSS
Exploits0References1
OSV
OSV
added 2019/09/05 10:15 p.m.4 views

CVE-2019-2108

In ihevcdreflist of ihevcdreflist.c in Android 10, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS7.6AI score0.01038EPSS
Exploits0References1
Prion
Prion
added 2019/09/05 10:15 p.m.17 views

Command injection

In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.2CVSS8AI score0.00423EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/09/05 9:42 p.m.138 views

CVE-2019-2108

CVE-2019-2108 affects Android 10 in the Media framework component. The issue is an out-of-bounds write in ihevcd_ref_list.c caused by a missing bounds check, enabling remote code execution with the attacker needing user interaction. The Android 2019-09-05 patch level (and later) addressing this i...

9.3CVSS7.9AI score0.01038EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/09/04 12:0 a.m.7 views

Google Android Framework elevation of privilege vulnerability (CNVD-2019-30322)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android 10. No details of the vulnerability are provided at this time...

7.8CVSS8.8AI score0.00423EPSS
Exploits0References1
Android Security Bulletins
Android Security Bulletins
added 2019/09/03 12:0 a.m.29 views

Pixel Update Bulletin—September 2019Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2019-09-05 or later address all issues in this bulletin and all issues in the September 2019 Android...

7.8CVSS8AI score0.02589EPSS
Exploits15
Android Security Bulletins
Android Security Bulletins
added 2019/09/03 12:0 a.m.86 views

Android Security Bulletin—September 2019Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-09-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

10CVSS8.6AI score0.74041EPSS
Exploits10
CNVD
CNVD
added 2019/08/26 12:0 a.m.4 views

Google Android System Elevation of Privilege Vulnerability (CNVD-2019-39720)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A security vulnerability exists in telephony in Android version 10, which stems from the program's lack of boundary checking. An attacker could exploit the vulnerability to elevate privileges...

7.2CVSS6.8AI score0.00167EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2019/08/22 1:0 p.m.67 views

The Android 10 Privacy and Security Upgrades You Should Know About

Google's next big Android release will make you safer—especially in ways you can't see...

3AI score
Exploits0
Android Security Bulletins
Android Security Bulletins
added 2019/08/20 12:0 a.m.106 views

Android 10 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 10. Android 10 devices with a security patch level of 2019-09-01 or later are protected against these issues Android 10, as released on AOSP, has a...

9.8CVSS8.2AI score0.05092EPSS
Exploits0
Rows per page
Query Builder