Lucene search
K

952 matches found

CVE
CVE
added 2019/12/06 10:40 p.m.176 views

CVE-2019-2231

CVE-2019-2231 affects the Android blob handling in Blob::Blob (blob.cpp), where improper input validation can lead to an unencrypted master key and local information disclosure. The issue requires local access with system privileges to exploit, with no user interaction needed. Public sources conf...

4.4CVSS4.3AI score0.00095EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/12/06 10:40 p.m.23 views

CVE-2019-2227

In DeepCopy of btifav.cc, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

6.2AI score0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/12/06 10:40 p.m.19 views

CVE-2019-2223

In ihevcdreflist of ihevcdreflist.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

8AI score0.00564EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/12/06 10:40 p.m.16 views

CVE-2019-2232

In handleRun of TextLine.java, there is a possible application crash due to improper input validation. This could lead to remote denial of service when processing Unicode with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.4AI score0.01073EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/12/06 10:40 p.m.30 views

CVE-2019-2220

In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. This could lead to local information disclosure no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.2AI score0.00164EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/12/03 6:0 p.m.49 views

Android Ups the Mobile Security Ante with Default TLS Encryption

A full 80 percent of Android apps are encrypting their traffic by default, according to a Transport Layer Security TLS adoption update from Google. That percentage is even greater for apps targeting Android 9 and higher, with 90 percent of those encrypting traffic by default, the tech giant said ...

6.9AI score
Exploits0References9
Prion
Prion
added 2019/11/13 8:15 p.m.15 views

Heap overflow

In loadloggingconfig of qmivsservice.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.2CVSS8AI score0.00173EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/11/13 6:15 p.m.16 views

CVE-2019-2211

In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...

7.8CVSS7.3AI score0.00669EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 6:15 p.m.19 views

CVE-2019-2212

In poissondistribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID:...

5.5CVSS5.2AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2019/11/13 6:15 p.m.4 views

CVE-2019-2212

In poissondistribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID:...

5.5CVSS6.2AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 6:15 p.m.21 views

CVE-2019-2208

In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.01004EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 6:15 p.m.48 views

CVE-2019-2205

In ProxyResolverV8::SetPacScript of proxyresolverv8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...

10CVSS9.4AI score0.02864EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 6:15 p.m.37 views

CVE-2019-2192

In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.8CVSS7.8AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 6:15 p.m.19 views

CVE-2019-2196

In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269143...

5.5CVSS5.6AI score0.00403EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 6:15 p.m.20 views

CVE-2019-2197

In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no additional execution privileges needed. User interaction is needed for...

5.5CVSS5.2AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2019/11/13 6:15 p.m.2 views

CVE-2019-2203

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8...

7.8CVSS7.5AI score
Exploits0References1
OSV
OSV
added 2019/11/13 6:15 p.m.3 views

CVE-2019-2204

In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Version...

9.8CVSS7.8AI score0.01338EPSS
Exploits0References1
OSV
OSV
added 2019/11/13 6:15 p.m.5 views

CVE-2019-2208

In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...

7.5CVSS6AI score0.01004EPSS
Exploits0References1
NVD
NVD
added 2019/11/13 6:15 p.m.20 views

CVE-2019-2202

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.8CVSS8AI score0.00173EPSS
Exploits0References1
Prion
Prion
added 2019/11/13 6:15 p.m.19 views

Out-of-bounds

In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Version...

10CVSS8.8AI score0.01338EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder