Android SDK
by Google
CVEs (1,765)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-9411 | 0.00 | — | 0.01 | Sep 27, 2019 | In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9421 | 0.00 | — | 0.00 | Sep 27, 2019 | In libandroidfw, there is a possible OOB read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215250 | |||
| CVE-2019-9416 | 0.00 | — | 0.01 | Sep 27, 2019 | In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9406 | 0.00 | — | 0.01 | Sep 27, 2019 | In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9428 | 0.00 | — | 0.01 | Sep 27, 2019 | In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:… | |||
| CVE-2019-9407 | 0.00 | — | 0.00 | Sep 27, 2019 | In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product:… | |||
| CVE-2019-9415 | 0.00 | — | 0.01 | Sep 27, 2019 | In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9404 | 0.00 | — | 0.01 | Sep 27, 2019 | In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9405 | 0.00 | — | 0.01 | Sep 27, 2019 | In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890225 | |||
| CVE-2019-9424 | 0.00 | — | 0.00 | Sep 27, 2019 | In the Screen Lock, there is a possible information disclosure due to an unusual root cause. In certain circumstances, the setting to hide the unlock pattern can be ignored. Product: AndroidVersions: Android-10Android ID: A-110941092 | |||
| CVE-2019-9418 | 0.00 | — | 0.01 | Sep 27, 2019 | In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9417 | 0.00 | — | 0.00 | Sep 27, 2019 | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9429 | 0.00 | — | 0.00 | Sep 27, 2019 | In profman, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9432 | 0.00 | — | 0.01 | Sep 27, 2019 | In Bluetooth, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Product:… | |||
| CVE-2019-9434 | 0.00 | — | 0.01 | Sep 27, 2019 | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product:… | |||
| CVE-2019-9430 | 0.00 | — | 0.01 | Sep 27, 2019 | In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9435 | 0.00 | — | 0.00 | Sep 27, 2019 | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9413 | 0.00 | — | 0.01 | Sep 27, 2019 | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:… | |||
| CVE-2019-9388 | 0.00 | — | 0.01 | Sep 27, 2019 | In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:… | |||
| CVE-2019-9384 | 0.00 | — | 0.00 | Sep 27, 2019 | In LockPatternUtils, there is a possible escalation of privilege due to an improper permissions check. This could lead to local bypass of the Lockguard with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:… |
- CVE-2019-9411Sep 27, 2019risk 0.00cvss —epss 0.01
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9421Sep 27, 2019risk 0.00cvss —epss 0.00
In libandroidfw, there is a possible OOB read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215250
- CVE-2019-9416Sep 27, 2019risk 0.00cvss —epss 0.01
In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9406Sep 27, 2019risk 0.00cvss —epss 0.01
In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9428Sep 27, 2019risk 0.00cvss —epss 0.01
In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:…
- CVE-2019-9407Sep 27, 2019risk 0.00cvss —epss 0.00
In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…
- CVE-2019-9415Sep 27, 2019risk 0.00cvss —epss 0.01
In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9404Sep 27, 2019risk 0.00cvss —epss 0.01
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9405Sep 27, 2019risk 0.00cvss —epss 0.01
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890225
- CVE-2019-9424Sep 27, 2019risk 0.00cvss —epss 0.00
In the Screen Lock, there is a possible information disclosure due to an unusual root cause. In certain circumstances, the setting to hide the unlock pattern can be ignored. Product: AndroidVersions: Android-10Android ID: A-110941092
- CVE-2019-9418Sep 27, 2019risk 0.00cvss —epss 0.01
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9417Sep 27, 2019risk 0.00cvss —epss 0.00
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9429Sep 27, 2019risk 0.00cvss —epss 0.00
In profman, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9432Sep 27, 2019risk 0.00cvss —epss 0.01
In Bluetooth, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…
- CVE-2019-9434Sep 27, 2019risk 0.00cvss —epss 0.01
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product:…
- CVE-2019-9430Sep 27, 2019risk 0.00cvss —epss 0.01
In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9435Sep 27, 2019risk 0.00cvss —epss 0.00
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9413Sep 27, 2019risk 0.00cvss —epss 0.01
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…
- CVE-2019-9388Sep 27, 2019risk 0.00cvss —epss 0.01
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…
- CVE-2019-9384Sep 27, 2019risk 0.00cvss —epss 0.00
In LockPatternUtils, there is a possible escalation of privilege due to an improper permissions check. This could lead to local bypass of the Lockguard with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:…
Page 73 of 89