Android Security Vulnerabilities and Issues — Android CVE List

Lucene search

GoogleAndroid

15 matches found

cve•added 2019/04/19 8:29 p.m.•55 views

CVE-2019-2029

In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1....

8.8CVSS8.8AI score0.00564EPSS

cve•added 2019/04/19 8:29 p.m.•47 views

CVE-2019-2034

In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the NFC process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Andro...

7.8CVSS7.7AI score0.00056EPSS

cve•added 2019/04/19 8:29 p.m.•44 views

CVE-2019-2027

In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Andro...

9.3CVSS8.8AI score0.00343EPSS

cve•added 2019/04/19 8:29 p.m.•43 views

CVE-2019-2035

In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-...

7.8CVSS7.7AI score0.00056EPSS

cve•added 2019/04/19 8:29 p.m.•42 views

CVE-2019-2031

In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Andro...

7.8CVSS7.7AI score0.00015EPSS

cve•added 2019/04/19 8:29 p.m.•40 views

CVE-2019-2028

In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 And...

9.3CVSS8.7AI score0.0037EPSS

cve•added 2019/04/19 8:29 p.m.•39 views

CVE-2019-2026

In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. This could lead to local escalation of privilege and FRP bypass with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andro...

7.8CVSS7.7AI score0.00014EPSS

cve•added 2019/04/19 8:29 p.m.•39 views

CVE-2019-2030

In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-119496789.

9.8CVSS9.1AI score0.00889EPSS

cve•added 2019/04/19 8:29 p.m.•37 views

CVE-2019-2038

In rw_i93_process_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-...

5.5CVSS5AI score0.00062EPSS

cve•added 2019/04/19 8:29 p.m.•37 views

CVE-2019-2041

In the configuration of NFC modules on certain devices, there is a possible failure to distinguish individual devices due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Produ...

7.3CVSS7.3AI score0.00013EPSS

cve•added 2019/04/19 8:29 p.m.•36 views

CVE-2019-2033

In create_hdr of dnssd_clientstub.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-121327565.

7.8CVSS7.6AI score0.0001EPSS

cve•added 2019/04/19 8:29 p.m.•35 views

CVE-2019-2032

In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versio...

7.8CVSS7.7AI score0.00015EPSS

cve•added 2019/04/19 8:29 p.m.•34 views

CVE-2019-2040

In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Andro...

5CVSS4.7AI score0.00017EPSS

cve•added 2019/04/19 8:29 p.m.•33 views

CVE-2019-2039

In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7....

5CVSS4.7AI score0.00036EPSS

cve•added 2019/04/19 8:29 p.m.•29 views

CVE-2019-2037

In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out-of-bound read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android...

7.5CVSS6.9AI score0.00314EPSS