17 matches found
CVE-2019-20778
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not properly restrict operations or validate their input. The LG ID is LVE-SMP-190004 June 2019...
CVE-2019-20574
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. There is local SQL injection in the Wi-Fi history Content Provider. The Samsung ID is SVE-2019-14061 August 2019...
CVE-2019-20567
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. A upparm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 September 2019...
CVE-2019-20573
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. There is local SQL injection in the RCS Content Provider. The Samsung IDs are SVE-2019-14059, SVE-2019-14685 August 2019...
CVE-2019-20558
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 October 2019...
CVE-2019-20546
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Broadcom Wi-Fi chipsets software. A denial-of-service attack can leverage a shared interface between Broadcom Bluetooth and Broadcom Wi-Fi. The Samsung ID is SVE-2019-15350 November 2019...
CVE-2019-2120
In OatFileAssistant::GenerateOatFile of oatfileassistant.cc, there is a possible file corruption issue due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-2129
In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...
CVE-2019-2106
In ihevcdsaoshiftctb of ihevcdsao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2019-2019
In cet4tdatacback of cet4t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1...
CVE-2018-9563
In llcputilparsecc of llcputil.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1...
CVE-2019-1989
In ih264dfmtconv420spto420p of ih264dformatconv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...
CVE-2019-2028
In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0...
Google Android System Elevation of Privilege Vulnerability (CNVD-2019-23322)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the System component of Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. An attacker could use this vulnerability to potentiall...
CVE-2019-1991
In btifdmdatacopy of btifcore.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2019-1987
In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...
CVE-2018-9540
In avrcctrlparsvendorrsp of avrcparsct.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...