|
219281
|
6.5 |
MEDIUM
Adjacent
|
google
|
android
|
In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure over Bluetooth with no additional execution privileges need…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-2227
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219282
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In device_class_to_int of device_class.cc, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure in the Bluetooth server with User execution …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-2226
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219283
|
8.8 |
HIGH
Adjacent
|
google
|
android
|
When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. This could lead to …
|
CWE-269
Improper Privilege Management
|
CVE-2019-2225
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219284
|
7.8 |
HIGH
Local
|
google
|
android
|
In ihevcd_ref_list of ihevcd_ref_list.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2223
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219285
|
7.8 |
HIGH
Local
|
google
|
android
|
n ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privile…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2222
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219286
|
7.8 |
HIGH
Local
|
google
|
android
|
In hasActivityInVisibleTask of WindowProcessController.java there’s a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. This could le…
|
NVD-CWE-noinfo
|
CVE-2019-2221
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219287
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. This could lead to local information disclosure no additio…
|
NVD-CWE-noinfo
|
CVE-2019-2220
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219288
|
4.7 |
MEDIUM
Local
|
google
|
android
|
In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. Thi…
|
CWE-362
Race Condition
|
CVE-2019-2219
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219289
|
7.8 |
HIGH
Local
|
google
|
android
|
In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installi…
|
CWE-862
Missing Authorization
|
CVE-2019-2218
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219290
|
7.8 |
HIGH
Local
|
google
|
android
|
In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. Use…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2019-2217
|
2024-11-21 13:40 |
2019-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
