VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2018-9535Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9542Nov 14, 2018
    risk 0.00cvss epss 0.01

    In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…

  • CVE-2018-9545Nov 14, 2018
    risk 0.00cvss epss 0.00

    In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…

  • CVE-2018-9534Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9532Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9543Nov 14, 2018
    risk 0.00cvss epss 0.00

    In trim_device of f2fs_format_utils.c, it is possible that the data partition is not wiped during a factory reset. This could lead to local information disclosure after factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2018-9521Nov 14, 2018
    risk 0.00cvss epss 0.02

    In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for…

  • CVE-2018-9533Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9523Nov 14, 2018
    risk 0.00cvss epss 0.00

    In Parcel.writeMapInternal of Parcel.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2018-9539Nov 14, 2018
    risk 0.00cvss epss 0.00

    In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0…

  • CVE-2018-9544Nov 14, 2018
    risk 0.00cvss epss 0.00

    In register_app of btif_hd.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2018-9525Nov 14, 2018
    risk 0.00cvss epss 0.00

    In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change…

  • CVE-2018-9536Nov 14, 2018
    risk 0.00cvss epss 0.01

    In numerous functions of libFDK, there are possible out of bounds writes due to incorrect bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9.…

  • CVE-2018-9530Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9457Nov 14, 2018
    risk 0.00cvss epss 0.00

    In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve contact information due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2018-9347Nov 14, 2018
    risk 0.00cvss epss 0.01

    In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect input validation causing an infinite loop. This could lead to a remote temporary DoS with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9427Nov 6, 2018
    risk 0.00cvss epss 0.02

    In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android…

  • CVE-2018-9436Nov 6, 2018
    risk 0.00cvss epss 0.02

    In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:…

  • CVE-2018-9448Nov 6, 2018
    risk 0.00cvss epss 0.02

    In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android…

  • CVE-2018-9489Nov 6, 2018
    risk 0.00cvss epss 0.01

    When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for…