VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2019-2101Jun 7, 2019
    risk 0.00cvss epss 0.00

    In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-2099Jun 7, 2019
    risk 0.00cvss epss 0.01

    In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2019-2098Jun 7, 2019
    risk 0.00cvss epss 0.00

    In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User interaction is not needed for…

  • CVE-2019-2102Jun 7, 2019
    risk 0.00cvss epss 0.00

    In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly…

  • CVE-2019-2097Jun 7, 2019
    risk 0.00cvss epss 0.01

    In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote code execution from a malicious proxy configuration, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2096Jun 7, 2019
    risk 0.00cvss epss 0.00

    In EffectRelease of EffectBundle.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-2095Jun 7, 2019
    risk 0.00cvss epss 0.01

    In callGenIDChangeListeners and related functions of SkPixelRef.cpp, there is a possible use after free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2019-2094Jun 7, 2019
    risk 0.00cvss epss 0.01

    In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-2093Jun 7, 2019
    risk 0.00cvss epss 0.01

    In huff_dec_1D of nlc_dec.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9.…

  • CVE-2019-2092Jun 7, 2019
    risk 0.00cvss epss 0.00

    In isSeparateProfileChallengeAllowed of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for…

  • CVE-2019-2091Jun 7, 2019
    risk 0.00cvss epss 0.00

    In GetPermittedAccessibilityServicesForUser of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for…

  • CVE-2019-2090Jun 7, 2019
    risk 0.00cvss epss 0.00

    In isPackageDeviceAdminOnAnyUser of PackageManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation.…

  • CVE-2019-2049May 8, 2019
    risk 0.00cvss epss 0.00

    In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed…

  • CVE-2019-2046May 8, 2019
    risk 0.00cvss epss 0.01

    In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2045May 8, 2019
    risk 0.00cvss epss 0.01

    In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android…

  • CVE-2019-2044May 8, 2019
    risk 0.00cvss epss 0.01

    In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for…

  • CVE-2019-2043May 8, 2019
    risk 0.00cvss epss 0.00

    In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges…

  • CVE-2019-2037Apr 19, 2019
    risk 0.00cvss epss 0.01

    In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out-of-bound read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-2041Apr 19, 2019
    risk 0.00cvss epss 0.00

    In the configuration of NFC modules on certain devices, there is a possible failure to distinguish individual devices due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for…

  • CVE-2019-2032Apr 19, 2019
    risk 0.00cvss epss 0.00

    In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.…

Page 83 of 89