3385 matches found
CVE-2018-9469
CVE-2018-9469 affects Android framework components where ShortcutService.java can create a spoofed shortcut due to a missing permission check. This could enable a local elevation of privilege in a privileged app, with exploitation requiring user interaction. Connected documents confirm the same ...
CVE-2018-9467
CVE-2018-9467 is a vulnerability in the getHost() path of UriTest.java where incorrect web origin determination could cause security decisions to be made incorrectly. It requires no user interaction and does not require privileges; exploitation is described as a network-vector issue with high imp...
CVE-2018-9456
CVE-2018-9456 affects Google Android components, specifically the SDP utility: sdpu_extract_attr_seq in sdp_utils.cc. The issue is a possible out-of-bounds read due to an incorrect bounds check, enabling remote denial-of-service without extra privileges or user interaction. Connected sources (Red...
CVE-2018-9440
CVE-2018-9440 affects Android’s Media Framework (M3UParser.cpp): parsing can trigger resource exhaustion and DoS without elevated privileges, requiring user interaction to exploit. Red Hat and NVD entries corroborate the DoS impact with UI interaction. Android’s security bulletin (Sept 2018) list...
CVE-2018-9433
CVE-2018-9433 affects Android’s Framework via the ArrayConcatVisitor in builtins-array.cc, where improper input validation can cause a type confusion vulnerability. The issue could allow remote code execution without extra privileges, with exploitation requiring user interaction per the primary d...
CVE-2018-9432
CVE-2018-9432 affects Android components in BluetoothPermissionActivity.java (specifically in createPhonebookDialogView and createMapDialogView), where a permissions bypass could allow local elevation of privilege by hiding and bypassing the user’s ability to disable access to contacts. The descr...
CVE-2018-9428
CVE-2018-9428 : The issue affects Android’s AAudio service (AAudioServiceStreamBase.cpp, startDevice) and is caused by an out-of-bounds write stemming from a use-after-free. This can lead to local arbitrary code execution with high impact (confidentiality, integrity, and availability) as describe...
CVE-2018-9424
CVE-2018-9424 concerns an out-of-bounds write in CryptoPlugin::decrypt (CryptoPlugin.cpp) that could allow local escalation of privilege with no user interaction. Exploitation details are not provided in the documents; the Android Security Bulletin catalogs this CVE under Media framework issues w...
CVE-2018-9421
CVE-2018-9421 is a local information-disclosure flaw in Android’s Media framework involving Parcel.cpp writeInplace and Binder; uninitialized data could leak across processes. Current documents confirm the issue and indicate it affects Android devices via local access with no user interaction. Th...
CVE-2018-9420
CVE-2018-9420 affects Android’s BnCameraService::onTransact in CameraService.cpp, enabling information disclosure via uninitialized data with local access and no user interaction. The issue is categorized as an Information Disclosure (ID) in the Android 2018-07-01/2018-07-05 patch-level bulletin,...
CVE-2018-9410
CVE-2018-9410 describes an out-of-bounds read in the Android Framework via FontUtils.cpp -> analyzeAxes, causing local information disclosure with no extra privileges and no user interaction. The connected Android bulletin lists CVE-2018-9410 under the Framework section with High severity, not...
CVE-2018-9365
CVE-2018-9365 describes a potential out-of-bounds read in the SMP L2C data path (smp_data_received in smp_l2c.cc) that could lead to remote code execution. Exploitation requires user interaction. Multiple connected sources (RH, NVD, CVE lists, Android bulletin) confirm the issue and its remote-co...
CVE-2018-9409
The CVE-2018-9409 entry affects Android’s Media framework, specifically the HWC (Hardware Composer) path: HWCSession::SetColorModeById in hwc_session.cpp. The root cause is a missing bounds check, leading to a possible out-of-bounds write. This could enable local elevation of privilege with no ad...
CVE-2018-9372
CVE-2018-9372 : The issue is in the Android bootloader path (cmd_flash_mmc_sparse_img in dl_commands.c) where there is a possible out-of-bounds write caused by a missing bounds check. This could allow a local escalation of privilege in the bootloader without additional execution privileges and wi...
CVE-2018-9371
CVE-2018-9371 affects the Mediatek Preloader/bootloader. It describes out-of-bounds reads/writes via an exposed interface that permits arbitrary peripheral memory mapping due to insufficient blacklisting/whitelisting. Under the described conditions, this can enable local elevation of privilege wi...
CVE-2018-9370
CVE-2018-9370 affects the MediaTek bootloader in the Android platform, describing a vulnerability in download.c where a special mode allows data to be downloaded into memory with missing bounds checks, leading to possible memory corruption and local escalation of privilege. The exploitation requi...
CVE-2018-9369
CVE-2018-9369 describes a local elevation-of-privilege in the bootloader where a fastboot command allows a user to pass kernel command line arguments. The root cause is the bootloader’s handling of user-supplied kernel parameters, enabling a local attacker to gain higher privileges without additi...
CVE-2018-9368
Concretely affects MediaTek mtksocoaudio (debugfs) in the Android stack. The vulnerability is caused by a missing bounds check combined with weakened SELinux policies in the mtksocoaudio debugfs, enabling an arbitrary kernel memory write. Impact: local privilege escalation to a system/privileged ...
CVE-2018-9367
CVE-2018-9367 describes a potential out-of-bounds write in the MediaTek Cameratool CCAP component (function FT_ACDK_CCT_V2_OP_ISP_SET_TUNING_PARAS within Meta_CCAP_Para.cpp). The underlying issue is improper input validation, which could enable local escalation of privilege with no additional exe...
CVE-2018-9366
CVE-2018-9366 affects Google/Android devices with the MediaTek IMSA component. In IMSA_Recv_Thread and VT_IMCB_Thread (IMSAClient.cpp and VideoTelephony.c), an out-of-bounds write due to an integer overflow is described, leading to local escalation of privilege with no user interaction required. ...