|
219581
|
8.8 |
HIGH
Network
|
google
|
android
|
In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User intera…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2019-2029
|
2024-11-21 13:40 |
2019-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219582
|
8.8 |
HIGH
Network
|
google
|
android
|
In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed f…
|
CWE-20
Improper Input Validation
|
CVE-2019-2028
|
2024-11-21 13:40 |
2019-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219583
|
8.8 |
HIGH
Network
|
google
|
android
|
In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2027
|
2024-11-21 13:40 |
2019-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219584
|
7.8 |
HIGH
Local
|
google
|
android
|
In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to a missing permission check. This could lead to local escalation of privilege and FRP bypass with no ad…
|
CWE-862
Missing Authorization
|
CVE-2019-2026
|
2024-11-21 13:40 |
2019-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219585
|
7.3 |
HIGH
Network
|
oracle
|
retail_convenience_store_back_office
|
Vulnerability in the Oracle Retail Convenience Store Back Office component of Oracle Retail Applications (subcomponent: Level 3 Maintenance Functions). The supported version that is affected is 3.6. …
|
NVD-CWE-noinfo
|
CVE-2019-2424
|
2024-11-21 13:40 |
2019-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219586
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The permissions on /proc/iomem were world-readable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Pr…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-2001
|
2024-11-21 13:40 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219587
|
7.8 |
HIGH
Local
|
google
|
android
|
In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User in…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2019-2000
|
2024-11-21 13:40 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219588
|
3.8 |
LOW
Local
|
oracle
|
vm_virtualbox
|
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vuln…
|
NVD-CWE-noinfo
|
CVE-2019-2501
|
2024-11-21 13:40 |
2019-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219589
|
8.8 |
HIGH
Local
|
oracle
|
vm_virtualbox
|
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vuln…
|
NVD-CWE-noinfo
|
CVE-2019-2500
|
2024-11-21 13:40 |
2019-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219590
|
6.1 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_peopletools
|
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Search Functionality). Supported versions that are affected are 8.55, 8.56 and 8.57. …
|
NVD-CWE-noinfo
|
CVE-2019-2499
|
2024-11-21 13:40 |
2019-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
