Lucene search

K

493 matches found

CVE
CVE
added 2019/05/08 5:29 p.m.55 views

CVE-2019-2043

In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User interactio...

7.3CVSS7.2AI score0.00014EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.55 views

CVE-2019-2118

In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1...

5.5CVSS5.1AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.55 views

CVE-2019-2170

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615735

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.55 views

CVE-2019-9261

In libxaac there is a possible out of bounds read due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116774214

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.55 views

CVE-2019-9311

In Bluetooth, there is a possible crash due to an integer overflow. This could lead to remote denial of service on incoming calls with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79431031

7.5CVSS7.7AI score0.00499EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.55 views

CVE-2019-9344

In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120845341

5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.55 views

CVE-2019-9356

In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111699773

5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.55 views

CVE-2019-9359

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111407302

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.55 views

CVE-2019-9420

In libhevc, there is a possible out of bounds read due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111272481

6.5CVSS6.8AI score0.00294EPSS
CVE
CVE
added 2019/02/12 12:0 a.m.54 views

CVE-2018-9583

In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges...

10CVSS7.6AI score0.00977EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-2066

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100617

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.54 views

CVE-2019-2119

In multiple functions of key_store_service.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Ve...

5.5CVSS5AI score0.00013EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-2139

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117610049

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-2150

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117935831

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-9269

In System Settings, there is a possible permissions bypass due to a cached Linux user ID. This could lead to a local permissions bypass with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-36899497

7.3CVSS7.3AI score0.00012EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-9385

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120452956

6.5CVSS6.4AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-9386

In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-...

7.3CVSS7.7AI score0.00013EPSS
CVE
CVE
added 2019/05/08 5:29 p.m.53 views

CVE-2019-2046

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android ...

10CVSS9.3AI score0.01182EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.53 views

CVE-2019-2059

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118386824

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.53 views

CVE-2019-2080

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118619159

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.53 views

CVE-2019-2145

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112858430

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/11/13 6:15 p.m.53 views

CVE-2019-2214

In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ...

7.8CVSS8AI score0.00054EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.53 views

CVE-2019-9290

In tzdata there is possible memory corruption due to a mismatch between allocation and deallocation functions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Androi...

7.8CVSS8.3AI score0.00015EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.53 views

CVE-2019-9358

In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120156401

7.3CVSS7.7AI score0.00015EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.53 views

CVE-2019-9400

In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115509589

7.5CVSS7.6AI score0.00501EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.52 views

CVE-2019-9368

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79883568

5.5CVSS5.6AI score0.00017EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.52 views

CVE-2019-9417

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450079

5.5CVSS5.6AI score0.00017EPSS
CVE
CVE
added 2019/09/06 3:15 p.m.51 views

CVE-2018-6240

NVIDIA Tegra contains a vulnerability in BootRom where a user with kernel level privileges can write an arbitrary value to an arbitrary physical address

7.8CVSS7.3AI score0.00024EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.51 views

CVE-2019-2106

In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

9.3CVSS8.8AI score0.0037EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.51 views

CVE-2019-9277

In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android I...

3.3CVSS4.3AI score0.00015EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.51 views

CVE-2019-9321

In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111208713

6.5CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2019/05/08 5:29 p.m.50 views

CVE-2019-2051

In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android V...

7.8CVSS7AI score0.00396EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.50 views

CVE-2019-2067

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116114402

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.50 views

CVE-2019-2070

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117883804

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.50 views

CVE-2019-9330

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214739

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.50 views

CVE-2019-9383

In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120843827

5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.49 views

CVE-2019-2112

In several functions of alarm.cc, there is possible memory corruption due to a use after free. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Andr...

7.8CVSS7.7AI score0.00015EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.49 views

CVE-2019-9373

In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job attribute. This could lead to a local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-1...

5.5CVSS6AI score0.00027EPSS
CVE
CVE
added 2019/02/13 10:29 p.m.48 views

CVE-2018-6267

NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947.

9.3CVSS7.5AI score0.00055EPSS
CVE
CVE
added 2019/02/28 5:29 p.m.48 views

CVE-2019-1991

In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android...

9.3CVSS8.9AI score0.01005EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.48 views

CVE-2019-2105

In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versi...

8.8CVSS8.7AI score0.00409EPSS
CVE
CVE
added 2019/11/13 6:15 p.m.48 views

CVE-2019-2205

In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 And...

10CVSS9.3AI score0.07716EPSS
CVE
CVE
added 2019/11/13 6:15 p.m.48 views

CVE-2019-2213

In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-...

7.4CVSS7.4AI score0.00035EPSS
CVE
CVE
added 2019/04/19 8:29 p.m.47 views

CVE-2019-2034

In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the NFC process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Andro...

7.8CVSS7.7AI score0.00056EPSS
CVE
CVE
added 2019/05/08 5:29 p.m.47 views

CVE-2019-2045

In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 And...

10CVSS9.3AI score0.00873EPSS
CVE
CVE
added 2019/08/20 8:15 p.m.47 views

CVE-2019-2136

In Status::readFromParcel of Status.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 ...

5.5CVSS5AI score0.00017EPSS
CVE
CVE
added 2019/11/13 6:15 p.m.46 views

CVE-2019-2036

In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Andro...

10CVSS9AI score0.00605EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.46 views

CVE-2019-2079

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115509210

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.46 views

CVE-2019-9336

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322

6.5CVSS6.1AI score0.00279EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.46 views

CVE-2019-9429

In profman, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110035108

7.8CVSS8.2AI score0.00015EPSS
Total number of security vulnerabilities493