|
221391
|
7.8 |
HIGH
Local
|
google
|
android
|
In several functions of alarm.cc, there is possible memory corruption due to a use after free. This could lead to local code execution with no additional execution privileges needed. User interaction…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2019-2112
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221392
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges ne…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2019-2111
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221393
|
8.8 |
HIGH
Network
|
google
|
android
|
In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2109
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221394
|
8.8 |
HIGH
Network
|
google
|
android
|
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2107
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221395
|
8.8 |
HIGH
Network
|
google
|
android
|
In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2106
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221396
|
8.8 |
HIGH
Network
|
google
|
android
|
In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no addition…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-2105
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221397
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In HIDL, safe_union, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution pri…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-2104
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221398
|
7.8 |
HIGH
Local
|
google
|
android
|
In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges n…
|
CWE-416
CWE-667
Use After Free
Improper Locking
|
CVE-2019-2025
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221399
|
7.8 |
HIGH
Local
|
google
|
android
|
In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i…
|
CWE-416
Use After Free
|
CVE-2019-2024
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221400
|
7.8 |
HIGH
Local
|
google
|
android
|
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with it…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-2023
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
