3079 matches found
CVE-2019-2060
CVE-2019-2060 affects the Android 10 libxaac library, with a potential out-of-bounds read due to a missing bounds check that could lead to information disclosure. Exploitation requires user interaction. Affected product/version: Android 10; Android ID A-112709994. CVSS data from NVD indicates a b...
CVE-2019-2069
CVE-2019-2069 affects Android 10 via a vulnerability in libxaac caused by a missing bounds check, leading to an out-of-bounds write that could cause remote code execution. The description states user interaction is required for exploitation. Connected documentation confirms the issue exists in li...
CVE-2019-2060
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112709994...
CVE-2019-2069
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864...
CVE-2019-2068
CVE-2019-2068 affects Android 10 via libxaac, where an out-of-bounds write due to a missing bounds check could enable remote code execution. Exploitation requires user interaction; the CVSS data indicates network access as a potential vector (NVD) and high impact (RCE) per Android bulletin. Remed...
CVE-2019-2055
CVE-2019-2055 affects Android 10 via the libxaac library, where an out-of-bounds write due to a missing bounds check enables remote code execution with the attacker needing no privileges and requiring user interaction. The issue is documented across multiple feeds (NVD, RH, CNVD) and is associate...
CVE-2019-2055
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113164693...
CVE-2019-2067
CVE-2019-2067 affects libxaac in Android 10, where a missing bounds check allows an out-of-bounds write leading to remote code execution. Exploitation is network-scoped with user interaction required for exploitation (per CVE details). Root cause: bounds-check omission in libxaac. Affected produc...
CVE-2019-9254
In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-9254
In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-2108
In ihevcdreflist of ihevcdreflist.c in Android 10, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation...
Command injection
In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-2108
CVE-2019-2108 affects Android 10 in the Media framework component. The issue is an out-of-bounds write in ihevcd_ref_list.c caused by a missing bounds check, enabling remote code execution with the attacker needing user interaction. The Android 2019-09-05 patch level (and later) addressing this i...
Google Android Framework elevation of privilege vulnerability (CNVD-2019-30322)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android 10. No details of the vulnerability are provided at this time...
Pixel Update Bulletin—September 2019Stay organized with collectionsSave and categorize content based on your preferences.
The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2019-09-05 or later address all issues in this bulletin and all issues in the September 2019 Android...
Android Security Bulletin—September 2019Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-09-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...
Google Android System Elevation of Privilege Vulnerability (CNVD-2019-39720)
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A security vulnerability exists in telephony in Android version 10, which stems from the program's lack of boundary checking. An attacker could exploit the vulnerability to elevate privileges...
The Android 10 Privacy and Security Upgrades You Should Know About
Google's next big Android release will make you safer—especially in ways you can't see...
Android 10 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.
This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 10. Android 10 devices with a security patch level of 2019-09-01 or later are protected against these issues Android 10, as released on AOSP, has a...