Total
6434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-13173 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the MediaTek system server. Product: Android. Versions: Android kernel. Android ID A-28067350. References: M-ALPS02672361. | |||||
CVE-2017-13174 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the kernel edl. Product: Android. Versions: Android kernel. Android ID A-63100473. | |||||
CVE-2017-13189 | 1 Google | 1 Android | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072. | |||||
CVE-2017-13190 | 1 Google | 1 Android | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873. | |||||
CVE-2017-13191 | 1 Google | 1 Android | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403. | |||||
CVE-2019-9383 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120843827 | |||||
CVE-2019-9296 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112162089 | |||||
CVE-2019-9239 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121263487 | |||||
CVE-2019-9386 | 1 Google | 1 Android | 2019-10-02 | 6.9 MEDIUM | 7.3 HIGH |
In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122361874 | |||||
CVE-2019-9250 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120276962 | |||||
CVE-2019-9360 | 1 Google | 1 Android | 2019-10-02 | 4.9 MEDIUM | 4.4 MEDIUM |
In the TEE, there's a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120610663 | |||||
CVE-2019-9358 | 1 Google | 1 Android | 2019-10-02 | 4.4 MEDIUM | 7.3 HIGH |
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120156401 | |||||
CVE-2019-9351 | 1 Google | 1 Android | 2019-10-02 | 2.1 LOW | 3.3 LOW |
In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to local limited information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128599864 | |||||
CVE-2019-9309 | 1 Google | 1 Android | 2019-10-02 | 4.4 MEDIUM | 7.3 HIGH |
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117985575 | |||||
CVE-2019-9253 | 1 Google | 1 Android | 2019-10-02 | 4.9 MEDIUM | 4.4 MEDIUM |
In KeyStore, there is a possible storage of symmetric keys in the TEE instead of the strongbox due to a missing strongbox flag. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109769728 | |||||
CVE-2019-9249 | 1 Google | 1 Android | 2019-10-02 | 2.1 LOW | 5.5 MEDIUM |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120255805 | |||||
CVE-2019-9244 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120865977 | |||||
CVE-2019-9344 | 1 Google | 1 Android | 2019-10-02 | 1.9 LOW | 5.0 MEDIUM |
In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120845341 | |||||
CVE-2019-9380 | 1 Google | 1 Android | 2019-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
In the settings UI, there is a possible spoofing vulnerability due to a missing permission check. This could lead to a user mistakenly changing permission settings with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123700098 | |||||
CVE-2019-9281 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
In GoogleContactsSyncAdapter, there is a possible path traversal due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-32748076 |