|
223551
|
8.8 |
HIGH
Adjacent
|
google
|
android
|
In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate att…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2019-2102
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223552
|
5.5 |
MEDIUM
Local
|
google
debian
canonical
|
android
debian_linux
ubuntu_linux
|
In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution pri…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-2101
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223553
|
7.8 |
HIGH
Local
|
google
|
android
|
In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privi…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2099
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223554
|
7.8 |
HIGH
Local
|
google
|
android
|
In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, w…
|
CWE-862
Missing Authorization
|
CVE-2019-2098
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223555
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote code execution from a malicious proxy configuration, with no…
|
CWE-843
Type Confusion
|
CVE-2019-2097
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223556
|
7.8 |
HIGH
Local
|
google
|
android
|
In EffectRelease of EffectBundle.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege in the audio server with no additional execution pri…
|
CWE-415
Double Free
|
CVE-2019-2096
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223557
|
7.0 |
HIGH
Local
|
google
|
android
|
In callGenIDChangeListeners and related functions of SkPixelRef.cpp, there is a possible use after free due to a race condition. This could lead to remote code execution with no additional execution …
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2019-2095
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223558
|
7.8 |
HIGH
Local
|
google
|
android
|
In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges nee…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2094
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223559
|
8.8 |
HIGH
Network
|
google
|
android
|
In huff_dec_1D of nlc_dec.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User int…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2093
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223560
|
7.8 |
HIGH
Local
|
google
|
android
|
In isSeparateProfileChallengeAllowed of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, wi…
|
CWE-862
Missing Authorization
|
CVE-2019-2092
|
2024-11-21 13:40 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
