CVE-2019-2229

In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8....

CVE-2019-2185

In VlcDequantH263IntraBlockSH of vlcdequant.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1...

CVE-2019-9334

In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112859934...

Information disclosure

In the Wallpaper Manager service, there is a possible information disclosure due to a missing permission check. Any application can access wallpaper image with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android I...

CVE-2019-9398

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115745406...

CVE-2019-9325

The CVE-2019-9325 issue affects the libvpx library (VP8/VP9 SDK) and is described as an out-of-bounds read caused by a missing bounds check. According to the provided documents, this could lead to remote information disclosure with no inherent execution privileges, and exploitation requires user ...

CVE-2019-9336

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322...

CVE-2019-9243

CVE-2019-9243 affects wpa_supplicant_8 in Android 10. The vulnerability is an out-of-bounds read caused by a missing bounds check in a component of wpa_supplicant_8, leading to local information disclosure without requiring privileges; no user interaction is needed. Several connected records corr...

CVE-2019-2018

In resetPasswordInternal of DevicePolicyManagerService.java, there is a possible bypass of password reset protection due to an unusual root cause. Remote user interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-110172241...