VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2019-2029Apr 19, 2019
    risk 0.00cvss epss 0.01

    In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0…

  • CVE-2019-2040Apr 19, 2019
    risk 0.00cvss epss 0.00

    In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2019-2039Apr 19, 2019
    risk 0.00cvss epss 0.00

    In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-2038Apr 19, 2019
    risk 0.00cvss epss 0.00

    In rw_i93_process_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-2035Apr 19, 2019
    risk 0.00cvss epss 0.00

    In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-2034Apr 19, 2019
    risk 0.00cvss epss 0.00

    In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the NFC process with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2019-2033Apr 19, 2019
    risk 0.00cvss epss 0.00

    In create_hdr of dnssd_clientstub.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID:…

  • CVE-2019-2031Apr 19, 2019
    risk 0.00cvss epss 0.00

    In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-2030Apr 19, 2019
    risk 0.00cvss epss 0.01

    In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID:…

  • CVE-2019-2028Apr 19, 2019
    risk 0.00cvss epss 0.01

    In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1…

  • CVE-2019-2027Apr 19, 2019
    risk 0.00cvss epss 0.01

    In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0…

  • CVE-2019-2026Apr 19, 2019
    risk 0.00cvss epss 0.00

    In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. This could lead to local escalation of privilege and FRP bypass with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-1997Feb 28, 2019
    risk 0.00cvss epss 0.01

    In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-1991Feb 28, 2019
    risk 0.00cvss epss 0.02

    In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0…

  • CVE-2019-2001Feb 28, 2019
    risk 0.00cvss epss 0.00

    The permissions on /proc/iomem were world-readable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-117422211.

  • CVE-2019-1992Feb 28, 2019
    risk 0.00cvss epss 0.01

    In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-1988Feb 28, 2019
    risk 0.00cvss epss 0.02

    In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2019-1986Feb 28, 2019
    risk 0.00cvss epss 0.01

    In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is needed for exploitation.…

  • CVE-2019-1996Feb 28, 2019
    risk 0.00cvss epss 0.00

    In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2019-1995Feb 28, 2019
    risk 0.00cvss epss 0.00

    In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending files accessible to AOSP Mail to a remote email recipient, with no additional…

Page 84 of 89