Lucene search

K

493 matches found

CVE
CVE
added 2019/06/19 8:15 p.m.109 views

CVE-2019-1985

In findAvailSpellCheckerLocked of TextServicesManagerService.java, there is a possible way to bypass the warning dialog when selecting an untrusted spell checker due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User intera...

7.8CVSS7.7AI score0.00015EPSS
CVE
CVE
added 2019/02/28 5:29 p.m.104 views

CVE-2019-1999

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android k...

7.8CVSS7.5AI score0.00183EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.103 views

CVE-2019-2007

In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...

10CVSS8.5AI score0.00165EPSS
CVE
CVE
added 2019/08/08 9:15 p.m.102 views

CVE-2019-14783

On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) software, FotaAgent allows a malicious application to create privileged files. The Samsung ID is SVE-2019-14764.

5.5CVSS5.4AI score0.00044EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.101 views

CVE-2019-2008

In createEffect of AudioFlinger.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-...

7.6CVSS7.7AI score0.00113EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.100 views

CVE-2019-2020

In llcp_dlc_proc_rr_rnr_pdu of llcp_dlc.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1...

7.1CVSS5.9AI score0.00131EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.97 views

CVE-2019-2006

In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...

10CVSS8.5AI score0.00136EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.95 views

CVE-2019-2004

In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal of InputTransport.cpp, there are uninitialized data leading to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 An...

5.5CVSS5.2AI score0.00037EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.95 views

CVE-2019-2022

In rw_t3t_act_handle_fmt_rsp and rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidV...

7.1CVSS5.9AI score0.00131EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.94 views

CVE-2019-1990

In ihevcd_fmt_conv_420sp_to_420p of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 An...

9.3CVSS8.8AI score0.01673EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.91 views

CVE-2019-2005

In onPermissionGrantResult of GrantPermissionsActivity.java, there is a possible incorrectly granted permission due to a missing permission check. This could lead to local escalation of privilege on a locked device with no additional execution privileges needed. User interaction is needed for explo...

8.8CVSS8.2AI score0.00114EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.90 views

CVE-2019-2011

In readNullableNativeHandleNoDup of Parcel.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8...

7.8CVSS7.7AI score0.00034EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.88 views

CVE-2018-9561

In llcp_util_parse_connect of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-...

7.1CVSS5.9AI score0.00131EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.87 views

CVE-2018-9581

In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSI_CHANGE and android.net.wifi.STATE_CHANGE intents. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Andr...

3.3CVSS4.6AI score0.00034EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.84 views

CVE-2019-2003

In addLinks of Linkify.java, there is a possible phishing vector due to an unusual root cause. This could lead to remote code execution or misdirection of clicks with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android...

9.3CVSS8.7AI score0.01673EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.83 views

CVE-2019-2018

In resetPasswordInternal of DevicePolicyManagerService.java, there is a possible bypass of password reset protection due to an unusual root cause. Remote user interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-110172241

9.3CVSS8.6AI score0.0008EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.82 views

CVE-2019-2016

In NFA_SendRawFrame of nfa_dm_api.cc, there is a possible out-of-bound write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7...

9.3CVSS8.3AI score0.00145EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.82 views

CVE-2019-2017

In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

7.8CVSS7.7AI score0.00034EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.81 views

CVE-2019-2021

In rw_t3t_act_handle_ndef_detect_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 A...

7.1CVSS5.9AI score0.00131EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.81 views

CVE-2019-9365

In Bluetooth, there is a possible deserialization error due to missing string validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109838537

9.8CVSS9.2AI score0.01445EPSS
CVE
CVE
added 2019/02/28 5:29 p.m.79 views

CVE-2019-1988

In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Andr...

9.3CVSS8.8AI score0.00481EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.78 views

CVE-2019-9423

In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android I...

7.8CVSS7.7AI score0.0029EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.77 views

CVE-2019-2012

In rw_t3t_act_handle_fmt_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android...

9.3CVSS8.3AI score0.00145EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.75 views

CVE-2018-9564

In llcp_util_parse_link_params of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Andr...

7.1CVSS5.9AI score0.00131EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.75 views

CVE-2019-2013

In rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android...

9.3CVSS8.3AI score0.00145EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.74 views

CVE-2019-2015

In rw_t3t_act_handle_check_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Andro...

9.3CVSS8.3AI score0.00145EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.72 views

CVE-2019-2014

In rw_t3t_handle_get_sc_poll_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 And...

9.3CVSS8.3AI score0.00145EPSS
CVE
CVE
added 2019/06/19 8:15 p.m.71 views

CVE-2019-2010

In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andr...

7.8CVSS7.7AI score0.00034EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.71 views

CVE-2019-9346

In libstagefright, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128433933

8.8CVSS9.1AI score0.00761EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.70 views

CVE-2019-9335

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112328051

6.5CVSS6.1AI score0.00279EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.69 views

CVE-2019-9416

In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111804142

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/06/19 9:15 p.m.67 views

CVE-2018-9563

In llcp_util_parse_cc of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1...

7.1CVSS5.9AI score0.00131EPSS
CVE
CVE
added 2019/02/28 5:29 p.m.67 views

CVE-2019-2000

In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-...

7.8CVSS7.8AI score0.00889EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.67 views

CVE-2019-9367

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112106425

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.66 views

CVE-2019-2072

In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116117112

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.66 views

CVE-2019-2104

In HIDL, safe_union, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android...

5.5CVSS5.8AI score0.00015EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.66 views

CVE-2019-2169

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492282

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.66 views

CVE-2019-9388

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ...

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.65 views

CVE-2019-2109

In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android...

9.3CVSS8.8AI score0.00343EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.65 views

CVE-2019-9401

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115375248

7.5CVSS7.6AI score0.00499EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.64 views

CVE-2019-9243

In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120905706

5.5CVSS5.6AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.64 views

CVE-2019-9398

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115745406

7.5CVSS7.6AI score0.00499EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.64 views

CVE-2019-9412

In libSBRdec there is a possible out of bounds read due to incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112006096

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.64 views

CVE-2019-9432

In Bluetooth, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Androi...

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.63 views

CVE-2019-9247

In AAC Codec, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426166

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.63 views

CVE-2019-9303

In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661057

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.63 views

CVE-2019-9338

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686

6.5CVSS6.1AI score0.00279EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.63 views

CVE-2019-9396

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747155

7.5CVSS7.6AI score0.00499EPSS
CVE
CVE
added 2019/02/13 10:29 p.m.62 views

CVE-2018-6268

NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.

9.3CVSS6.2AI score0.00055EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.62 views

CVE-2019-2086

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114735603

8.8CVSS9AI score0.00409EPSS
Total number of security vulnerabilities493