45 matches found
EUVD-2018-21090
Malware in sbrugna...
EUVD-2018-21105
Malware in sbrugna...
PT-2020-20359 · Quram +1 · Quram Qmg Library +1
Name of the Vulnerable Software and Affected Versions: Samsung Android OS versions O8.x through Q10.0 Description: A buffer overwrite vulnerability exists in the Quram qmg library, allowing an unauthenticated attacker to trigger a heap-based buffer overflow by sending a specially crafted MMS. Thi...
Buffer overflow
An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 September 2019...
CVE-2019-20572
An issue was discovered on Samsung mobile devices with O8.1 and P9.0 Exynos chipsets software. loadkernel has a buffer overflow via untrusted data. The Samsung ID is SVE-2019-14939 September 2019...
CVE-2020-0036
In hasPermissions of PermissionMonitor.java, there is a possible access to restricted permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
Exploit for Incorrect Calculation in Google Android
cve-2020-0022 poc for cve-2020-0022 usage gcc poc.c -l...
Google Pixel CVE-2019-2210 Privilege Escalation Vulnerability
Description Google Pixel is prone to a privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. This issue is being tracked by Android Bug ID A-139148442. Technologies Affected Google Android 10.0 Google Android 9.0 Google Pixel 2 Google Pixel 2 XL...
Google Android System Component Multiple Security Vulnerabilities
Description Google Android is prone to multiple security vulnerabilities. An attacker can leverage these issues to gain access to sensitive information or elevated privileges. These issues are being tracked by Android IDs A-123700348, A-124940143 Technologies Affected Google Android 10.0 Google...
UBUNTU-CVE-2019-2126
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
Hardcoded credentials
In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User...
CVE-2018-9489
When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Product: Andro...
Authorization
In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9....
Information disclosure
When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Product: Andro...
CVE-2018-9488
CVE-2018-9488 is an Android local-privilege-escalation vulnerability rooted in SELinux permissions for crash_dump.te, allowing an unprivileged user to escalate to System via a multi-stage chain (zygote → crash_dump → vold → init/kernel). Publicly linked PoCs and analyses describe how an attacker ...
CVE-2018-9511
In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2018-9506
In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7...
CVE-2018-9504
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
CVE-2018-9502
In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Andro...