Lucene search
K

952 matches found

Prion
Prion
added 2019/11/13 6:15 p.m.17 views

Memory corruption

In ProxyResolverV8::SetPacScript of proxyresolverv8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...

10CVSS9.2AI score0.02864EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.13 views

Out-of-bounds

In rwi93smsetreadonly of rwi93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

9.3CVSS8.7AI score0.01178EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.9 views

Out-of-bounds

In BTADmPinReply of btadmapi.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

4.9CVSS5AI score0.00148EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.20 views

Input validation

In tokenize of sqlite3android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.2CVSS7.6AI score0.00195EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.19 views

Heap overflow

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.2CVSS7.8AI score0.00173EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.19 views

Out-of-bounds

In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.1AI score0.01004EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.18 views

Design/Logic Flaw

In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no additional execution privileges needed. User interaction is needed for...

2.1CVSS5.2AI score0.00158EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.20 views

Design/Logic Flaw

In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...

10CVSS9AI score0.02038EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.15 views

Input validation

In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.2CVSS7.7AI score0.00185EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.17 views

Sql injection

In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...

7.8CVSS7.2AI score0.00669EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.15 views

Sql injection

In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269143...

4.9CVSS5.6AI score0.00403EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/11/13 6:15 p.m.19 views

Design/Logic Flaw

In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges needed. User...

7.2CVSS7.6AI score0.0017EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/13 5:43 p.m.21 views

CVE-2019-2198

In Download Provider, there is a possible SQL injection vulnerability. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID:...

5.6AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/13 5:43 p.m.22 views

CVE-2019-2196

In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269143...

5.6AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/13 5:42 p.m.29 views

CVE-2019-2208

In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...

7.2AI score0.01004EPSS
Exploits0References1
CVE
CVE
added 2019/11/13 5:37 p.m.49 views

CVE-2019-2206

CVE-2019-2206 describes an out-of-bounds write in rw_i93_sm_set_read_only within rw_i93.cc caused by a missing bounds check, enabling remote code execution over NFC with no extra privileges and requiring user interaction. Affected product family is Android 8.0–10 (Android 8.0, 8.1, 9, 10) as list...

9.3CVSS8.7AI score0.01178EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/13 5:36 p.m.20 views

CVE-2019-2203

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8...

8AI score0.00173EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/11/13 5:36 p.m.18 views

CVE-2019-2202

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

8AI score0.00173EPSS
Exploits0References1
CVE
CVE
added 2019/11/13 5:36 p.m.46 views

CVE-2019-2202

CVE-2019-2202 occurs in Android’s CryptoPlugin.decrypt and describes a possible heap buffer overflow leading to local privilege escalation without user interaction. Affected software is Android 9 and Android 10 (Media/crypto plugin path). The issue is described as an out-of-bounds write in Crypto...

7.8CVSS7.8AI score0.00173EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/13 5:34 p.m.21 views

CVE-2019-2197

In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no additional execution privileges needed. User interaction is needed for...

5.2AI score0.00158EPSS
Exploits0References1
Rows per page
Query Builder