VYPR

Android

by Google

CVEs (4,041)

  • CVE-2018-9531Nov 14, 2018
    risk 0.00cvss epss 0.01

    In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9526Nov 14, 2018
    risk 0.00cvss epss 0.01

    In device configuration data, there is an improperly configured setting. This could lead to remote disclosure of device location. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112159033

  • CVE-2018-9539Nov 14, 2018
    risk 0.00cvss epss 0.00

    In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0…

  • CVE-2018-9536Nov 14, 2018
    risk 0.00cvss epss 0.01

    In numerous functions of libFDK, there are possible out of bounds writes due to incorrect bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9.…

  • CVE-2018-9537Nov 14, 2018
    risk 0.00cvss epss 0.02

    In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2018-9534Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9347Nov 14, 2018
    risk 0.00cvss epss 0.01

    In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect input validation causing an infinite loop. This could lead to a remote temporary DoS with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9580Nov 14, 2018
    risk 0.00cvss epss 0.00

    A Elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-76222002.

  • CVE-2018-9528Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2018-9530Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9543Nov 14, 2018
    risk 0.00cvss epss 0.00

    In trim_device of f2fs_format_utils.c, it is possible that the data partition is not wiped during a factory reset. This could lead to local information disclosure after factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2018-9535Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9527Nov 14, 2018
    risk 0.00cvss epss 0.01

    In vorbis_book_decodev_set of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2018-9529Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9524Nov 14, 2018
    risk 0.00cvss epss 0.00

    In functionality implemented in System UI, there are insufficient protections implemented around overlay windows. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9521Nov 14, 2018
    risk 0.00cvss epss 0.02

    In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for…

  • CVE-2018-9532Nov 14, 2018
    risk 0.00cvss epss 0.01

    In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2018-9542Nov 14, 2018
    risk 0.00cvss epss 0.01

    In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…

  • CVE-2018-9525Nov 14, 2018
    risk 0.00cvss epss 0.00

    In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change…

  • CVE-2018-9523Nov 14, 2018
    risk 0.00cvss epss 0.00

    In Parcel.writeMapInternal of Parcel.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

Page 193 of 203