Lucene search

K

493 matches found

CVE
CVE
added 2019/07/08 6:15 p.m.62 views

CVE-2019-2117

In checkQueryPermission of TelephonyProvider.java, there is a possible disclosure of secure data due to a missing permission check. This could lead to local information disclosure about carrier systems with no additional execution privileges needed. User interaction is not needed for exploitation. ...

5.5CVSS5AI score0.00015EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.62 views

CVE-2019-9233

In wpa_supplicant_8, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122529021

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.62 views

CVE-2019-9239

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121263487

5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.62 views

CVE-2019-9297

In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890242

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.62 views

CVE-2019-9349

In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124330204

7.1CVSS6.8AI score0.00346EPSS
CVE
CVE
added 2019/05/08 5:29 p.m.61 views

CVE-2019-2044

In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: An...

9.3CVSS8.7AI score0.01214EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.61 views

CVE-2019-2065

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118143575

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.61 views

CVE-2019-2111

In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Androi...

9.8CVSS9.3AI score0.00758EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.61 views

CVE-2019-9237

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121325979

6.5CVSS6.4AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.61 views

CVE-2019-9322

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111128067

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.61 views

CVE-2019-9421

In libandroidfw, there is a possible OOB read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215250

5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2018-9425

In Platform, there is a possible bypass of user interaction requirements due to missing permission checks. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID...

7.8CVSS8.1AI score0.00014EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-2062

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117660045

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-9259

In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113575306

7.2CVSS7.2AI score0.00014EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-9281

In GoogleContactsSyncAdapter, there is a possible path traversal due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Andr...

7.5CVSS7.8AI score0.00177EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-9299

In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663886

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-9363

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123584306

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-9406

In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552517

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-9408

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112380157

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.60 views

CVE-2019-9410

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204443

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-2063

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116019594

8.8CVSS8.9AI score0.00409EPSS
CVE
CVE
added 2019/08/20 8:15 p.m.59 views

CVE-2019-2134

In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Andr...

9.3CVSS7.7AI score0.00038EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9272

In WiFi, there is a possible leak of WiFi state due to a permissions bypass. This could lead to a local information disclosure which could be used to determine device location with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: ...

5.5CVSS5.6AI score0.00013EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9295

In com.android.apps.tag, there is a possible bypass of user interaction requirements due to a missing permission check. This could lead to a to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Andro...

7.8CVSS8.1AI score0.00014EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9304

In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662270

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9337

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376

6.5CVSS6.1AI score0.00279EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9380

In the settings UI, there is a possible spoofing vulnerability due to a missing permission check. This could lead to a user mistakenly changing permission settings with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Androi...

6.5CVSS6.8AI score0.00082EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9413

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111935831

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9422

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214766

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.59 views

CVE-2019-9425

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110846194

7.5CVSS7.6AI score0.00499EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.58 views

CVE-2019-2113

In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079.

5.5CVSS5.4AI score0.00018EPSS
CVE
CVE
added 2019/08/20 8:15 p.m.58 views

CVE-2019-2130

In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product: A...

10CVSS9.4AI score0.01098EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.58 views

CVE-2019-9257

In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113572342

7.8CVSS8.2AI score0.00015EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.58 views

CVE-2019-9289

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79883824

5.5CVSS5.6AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.58 views

CVE-2019-9298

In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112892194

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.58 views

CVE-2019-9306

In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661348

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.58 views

CVE-2019-9369

In Bluetooth, there is a use of uninitialized variable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79995407

5.5CVSS5.6AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.57 views

CVE-2019-9283

In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663564

6.5CVSS6.8AI score0.00294EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.57 views

CVE-2019-9310

In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112891546

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.57 views

CVE-2019-9354

In NFC server, there's a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118148142

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.57 views

CVE-2019-9372

In libskia, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132782448

7.1CVSS6.8AI score0.00403EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.57 views

CVE-2019-9430

In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109838296

7.5CVSS7.6AI score0.00501EPSS
CVE
CVE
added 2019/05/08 5:29 p.m.56 views

CVE-2019-2047

In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 And...

10CVSS9.2AI score0.00873EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.56 views

CVE-2019-2144

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112856493

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.56 views

CVE-2019-2160

In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112715795

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.56 views

CVE-2019-2166

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661478

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.56 views

CVE-2019-9250

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120276962

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.56 views

CVE-2019-9287

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-78287084

5.5CVSS5.6AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.56 views

CVE-2019-9370

In sonivox, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-133880046

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/04/19 8:29 p.m.55 views

CVE-2019-2029

In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1....

8.8CVSS8.8AI score0.00564EPSS
Total number of security vulnerabilities493