Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Google Subscribe
Filtered by product Android
Total 6434 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20614 1 Google 1 Android 2021-07-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Allshare allows attackers to access sensitive information. The Samsung ID is SVE-2018-13453 (March 2019).
CVE-2019-20615 1 Google 1 Android 2021-07-21 2.1 LOW 4.6 MEDIUM
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Attackers can bypass Factory Reset Protection (FRP) via SVoice T&C. The Samsung ID is SVE-2018-13547 (March 2019).
CVE-2019-20617 1 Google 1 Android 2021-07-21 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Folder leaks preview data of recent apps. The Samsung ID is SVE-2018-13764 (March 2019).
CVE-2019-20619 1 Google 1 Android 2021-07-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Startup leaks keyboard suggested words. The Samsung ID is SVE-2019-13773 (March 2019).
CVE-2019-20624 1 Google 1 Android 2021-07-21 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. S-Voice leaks keyboard learned words via the lock screen. The Samsung ID is SVE-2018-12981 (February 2019).
CVE-2019-20625 1 Google 1 Android 2021-07-21 2.1 LOW 3.3 LOW
An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) (Exynos chipsets) software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 (February 2019).
CVE-2019-2112 1 Google 1 Android 2021-07-21 7.2 HIGH 7.8 HIGH
In several functions of alarm.cc, there is possible memory corruption due to a use after free. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117997080.
CVE-2019-2136 1 Google 1 Android 2021-07-21 4.9 MEDIUM 5.5 MEDIUM
In Status::readFromParcel of Status.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132650049.
CVE-2019-2137 1 Google 1 Android 2021-07-21 4.9 MEDIUM 5.5 MEDIUM
In the endCall() function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. This could lead to local denial of access to Emergency Services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-132438333.
CVE-2019-2187 1 Google 1 Android 2021-07-21 2.1 LOW 5.5 MEDIUM
In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-124940143
CVE-2019-2205 1 Google 1 Android 2021-07-21 10.0 HIGH 9.8 CRITICAL
In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139806216
CVE-2019-2210 1 Google 1 Android 2021-07-21 7.2 HIGH 7.8 HIGH
In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-139148442
CVE-2019-2213 1 Google 1 Android 2021-07-21 6.9 MEDIUM 7.4 HIGH
In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernel
CVE-2019-2217 1 Google 1 Android 2021-07-21 7.2 HIGH 7.8 HIGH
In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141003796
CVE-2019-20771 1 Google 1 Android 2021-07-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService allows unconfirmed configuration changes via a modified OMACP message. The LG ID is LVE-SMP-190006 (August 2019).
CVE-2019-20772 1 Google 1 Android 2021-07-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows authorization bypass. The LG ID is LVE-SMP-190007 (August 2019).
CVE-2019-20773 1 Google 1 Android 2021-07-21 7.2 HIGH 7.8 HIGH
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019).
CVE-2019-20774 1 Google 1 Android 2021-07-21 2.1 LOW 5.5 MEDIUM
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A system service allows local retrieval of the user's password. The LG ID is LVE-SMP-190009 (August 2019).
CVE-2019-20775 2 Google, Qualcomm 5 Android, Sdm450, Sdm845 and 2 more 2021-07-21 2.1 LOW 5.5 MEDIUM
An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150, and SM8150 chipsets) software. Weak encryption leads to local information disclosure. The LG ID is LVE-SMP-190010 (August 2019).
CVE-2019-2174 1 Google 1 Android 2021-07-21 7.2 HIGH 7.8 HIGH
In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.