|
221911
|
7.8 |
HIGH
Local
|
google
debian
canonical
|
android
debian_linux
ubuntu_linux
|
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privi…
|
CWE-415
Double Free
|
CVE-2019-1999
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221912
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In event_handler of keymaster_app.c, there is possible resource exhaustion due to a table being lost on reboot. This could lead to local denial of service that is not fixed by a factory reset, with n…
|
NVD-CWE-noinfo
|
CVE-2019-1998
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221913
|
7.5 |
HIGH
Network
|
google
|
android
|
In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection wi…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2019-1997
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221914
|
6.5 |
MEDIUM
Adjacent
|
google
|
android
|
In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional ex…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-1996
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221915
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending f…
|
NVD-CWE-noinfo
|
CVE-2019-1995
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221916
|
8.8 |
HIGH
Network
|
google
|
android
|
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, …
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2019-1994
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221917
|
7.8 |
HIGH
Local
|
google
|
android
|
In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User …
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2019-1993
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221918
|
7.5 |
HIGH
Network
|
google
|
android
|
In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. Use…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2019-1992
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221919
|
8.8 |
HIGH
Network
|
google
|
android
|
In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User i…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1991
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221920
|
8.8 |
HIGH
Network
|
google
|
android
|
In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileg…
|
CWE-20
CWE-787
Improper Input Validation
Out-of-bounds Write
|
CVE-2019-1988
|
2024-11-21 13:37 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
