VYPR

Android SDK

by Google

CVEs (1,744)

  • CVE-2019-2192HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2019-9429HigSep 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In profman, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9407HigSep 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-9350HigSep 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In Keymaster, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129562815

  • CVE-2019-9295HigSep 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In com.android.apps.tag, there is a possible bypass of user interaction requirements due to a missing permission check. This could lead to a to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2019-9290HigSep 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In tzdata there is possible memory corruption due to a mismatch between allocation and deallocation functions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-9258HigSep 27, 2019
    risk 0.51cvss 7.8epss 0.00

    In wifilogd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9345HigSep 6, 2019
    risk 0.51cvss 7.8epss 0.00

    In the Android kernel in sdcardfs there is a possible violation of the separation of data between profiles due to shared mapping of obb files. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

  • CVE-2019-9254HigSep 5, 2019
    risk 0.51cvss 7.8epss 0.00

    In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2019-2176HigSep 5, 2019
    risk 0.51cvss 7.8epss 0.01

    In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Android 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed…

  • CVE-2019-2175HigSep 5, 2019
    risk 0.51cvss 7.8epss 0.00

    In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2019-2123HigSep 5, 2019
    risk 0.51cvss 7.8epss 0.00

    In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2019-2115HigSep 5, 2019
    risk 0.51cvss 7.8epss 0.00

    In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2019-2134HigAug 20, 2019
    risk 0.51cvss 7.8epss 0.01

    In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2019-2133HigAug 20, 2019
    risk 0.51cvss 7.8epss 0.01

    In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2019-2132HigAug 20, 2019
    risk 0.51cvss 7.8epss 0.01

    It is possible to overlay the VPN dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2…

  • CVE-2019-2120HigAug 20, 2019
    risk 0.51cvss 7.8epss 0.00

    In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there is a possible file corruption issue due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2112HigJul 8, 2019
    risk 0.51cvss 7.8epss 0.00

    In several functions of alarm.cc, there is possible memory corruption due to a use after free. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0…

  • CVE-2019-2017HigJun 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2019-2010HigJun 19, 2019
    risk 0.51cvss 7.8epss 0.00

    In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

Page 31 of 88