VYPR

Android

by Google

CVEs (4,041)

  • CVE-2020-0028Feb 13, 2020
    risk 0.00cvss epss 0.03

    In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0020Feb 13, 2020
    risk 0.00cvss epss 0.00

    In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for…

  • CVE-2020-0014Feb 13, 2020
    risk 0.00cvss epss 0.01

    It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation.Product:…

  • CVE-2011-3901Feb 12, 2020
    risk 0.00cvss epss 0.01

    Android SQLite Journal before 4.0.1 has an information disclosure vulnerability.

  • CVE-2011-2343Feb 12, 2020
    risk 0.00cvss epss 0.00

    The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.

  • CVE-2014-7224Feb 7, 2020
    risk 0.00cvss epss 0.02

    A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code.

  • CVE-2020-0004Jan 8, 2020
    risk 0.00cvss epss 0.00

    In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2014-9908Jan 8, 2020
    risk 0.00cvss epss 0.00

    A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558).

  • CVE-2019-9465Jan 7, 2020
    risk 0.00cvss epss 0.00

    In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-9470Jan 6, 2020
    risk 0.00cvss epss 0.00

    In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android…

  • CVE-2019-2221Dec 6, 2019
    risk 0.00cvss epss 0.00

    In hasActivityInVisibleTask of WindowProcessController.java there’s a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. This could lead to local escalation of privilege with no additional execution privileges…

  • CVE-2019-2232Dec 6, 2019
    risk 0.00cvss epss 0.01

    In handleRun of TextLine.java, there is a possible application crash due to improper input validation. This could lead to remote denial of service when processing Unicode with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-9467Nov 13, 2019
    risk 0.00cvss epss 0.00

    In the Bootloader, there is a possible kernel command injection due to missing command sanitization. This could lead to a local elevation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2019-2210Nov 13, 2019
    risk 0.00cvss epss 0.00

    In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-2209Nov 13, 2019
    risk 0.00cvss epss 0.00

    In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2019-2208Nov 13, 2019
    risk 0.00cvss epss 0.01

    In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is…

  • CVE-2019-2203Nov 13, 2019
    risk 0.00cvss epss 0.00

    In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-2201Nov 13, 2019
    risk 0.00cvss epss 0.03

    In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for…

  • CVE-2019-2199Nov 13, 2019
    risk 0.00cvss epss 0.00

    In createSessionInternal of PackageInstallerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android…

  • CVE-2019-2114Oct 11, 2019
    risk 0.00cvss epss 0.00

    In the default privileges of NFC, there is a possible local bypass of user interaction requirements on package installation due to a default permission. This could lead to local escalation of privilege by installing an application with no additional execution privileges needed.…

Page 187 of 203