VYPR

Android

by Google

CVEs (4,041)

  • CVE-2019-2078Sep 27, 2019
    risk 0.00cvss epss 0.01

    In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114749542

  • CVE-2019-2070Sep 27, 2019
    risk 0.00cvss epss 0.01

    In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117883804

  • CVE-2019-2108Sep 5, 2019
    risk 0.00cvss epss 0.01

    In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2019-2124Sep 5, 2019
    risk 0.00cvss epss 0.00

    In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure.

  • CVE-2019-2180Sep 5, 2019
    risk 0.00cvss epss 0.00

    In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed…

  • CVE-2019-2178Sep 5, 2019
    risk 0.00cvss epss 0.00

    In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC service with no additional execution privileges needed. User interaction…

  • CVE-2019-2135Aug 20, 2019
    risk 0.00cvss epss 0.01

    In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2019-2128Aug 20, 2019
    risk 0.00cvss epss 0.00

    In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:…

  • CVE-2019-2119Jul 8, 2019
    risk 0.00cvss epss 0.00

    In multiple functions of key_store_service.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2019-2117Jul 8, 2019
    risk 0.00cvss epss 0.00

    In checkQueryPermission of TelephonyProvider.java, there is a possible disclosure of secure data due to a missing permission check. This could lead to local information disclosure about carrier systems with no additional execution privileges needed. User interaction is not…

  • CVE-2019-2113Jul 8, 2019
    risk 0.00cvss epss 0.00

    In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID:…

  • CVE-2019-2105Jul 8, 2019
    risk 0.00cvss epss 0.01

    In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.…

  • CVE-2019-2018Jun 19, 2019
    risk 0.00cvss epss 0.01

    In resetPasswordInternal of DevicePolicyManagerService.java, there is a possible bypass of password reset protection due to an unusual root cause. Remote user interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-110172241

  • CVE-2019-1989Jun 19, 2019
    risk 0.00cvss epss 0.01

    In ih264d_fmt_conv_420sp_to_420p of ih264d_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2019-2004Jun 19, 2019
    risk 0.00cvss epss 0.00

    In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal of InputTransport.cpp, there are uninitialized data leading to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-1985Jun 19, 2019
    risk 0.00cvss epss 0.00

    In findAvailSpellCheckerLocked of TextServicesManagerService.java, there is a possible way to bypass the warning dialog when selecting an untrusted spell checker due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges…

  • CVE-2019-2053May 8, 2019
    risk 0.00cvss epss 0.00

    In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android…

  • CVE-2019-2052May 8, 2019
    risk 0.00cvss epss 0.01

    In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0…

  • CVE-2019-2051May 8, 2019
    risk 0.00cvss epss 0.01

    In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2047May 8, 2019
    risk 0.00cvss epss 0.01

    In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android…

Page 190 of 203