Total
6434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-20608 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. An attacker can use Emergency mode to disable features. The Samsung IDs are SVE-2018-13164, SVE-2018-13165 (April 2019). | |||||
CVE-2019-20610 | 2 Google, Samsung | 8 Android, Exynos 7570, Exynos 7870 and 5 more | 2020-08-24 | 9.3 HIGH | 8.1 HIGH |
An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019). | |||||
CVE-2019-20612 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Broadcom Wi-Fi, and SEC Wi-Fi chipsets) software. Wi-Fi allows a denial of service via TCP SYN packets. The Samsung ID is SVE-2018-13162 (March 2019). | |||||
CVE-2019-5681 | 2 Google, Nvidia | 2 Android, Shield Experience | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the custom NVIDIA API used in the mount system service where user data could be overridden, which may lead to code execution, denial of service, or information disclosure. | |||||
CVE-2019-2167 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615501 | |||||
CVE-2019-2123 | 1 Google | 1 Android | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2019-5767 | 4 Debian, Fedoraproject, Google and 1 more | 7 Debian Linux, Fedora, Android and 4 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK. | |||||
CVE-2019-2208 | 1 Google | 1 Android | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-138441919 | |||||
CVE-2019-9337 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 | |||||
CVE-2019-9338 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686 | |||||
CVE-2019-9352 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124253062 | |||||
CVE-2019-9345 | 1 Google | 1 Android | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
In the Android kernel in sdcardfs there is a possible violation of the separation of data between profiles due to shared mapping of obb files. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. | |||||
CVE-2019-9347 | 1 Google | 1 Android | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
In the m4v_h263 codec, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109891727 | |||||
CVE-2019-9357 | 1 Google | 1 Android | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662995 | |||||
CVE-2019-2212 | 1 Google | 1 Android | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139690488 | |||||
CVE-2019-9322 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111128067 | |||||
CVE-2019-9334 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112859934 | |||||
CVE-2019-9335 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112328051 | |||||
CVE-2019-9336 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322 | |||||
CVE-2019-9329 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
In Bluetooth, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure, with no additional privileges required. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112917952 |