|
219431
|
7.8 |
HIGH
Local
|
google
|
android
|
In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of p…
|
CWE-416
CWE-667
Use After Free
Improper Locking
|
CVE-2019-2174
|
2024-11-21 13:40 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219432
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible way to silently attach files to an email due to a confused deputy. Th…
|
NVD-CWE-noinfo
|
CVE-2019-2124
|
2024-11-21 13:40 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219433
|
7.8 |
HIGH
Local
|
google
|
android
|
In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to lo…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2123
|
2024-11-21 13:40 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219434
|
7.8 |
HIGH
Local
|
google
|
android
|
In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with…
|
CWE-787
CWE-415
Out-of-bounds Write
Double Free
|
CVE-2019-2115
|
2024-11-21 13:40 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219435
|
7.8 |
HIGH
Local
|
google
|
android
|
In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution pri…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2108
|
2024-11-21 13:40 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219436
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In Google Assistant in Android 9, there is a possible permissions bypass that allows the Assistant to take a screenshot of apps with FLAG_SECURE. This could lead to local information disclosure with …
|
CWE-200
Information Exposure
|
CVE-2019-2103
|
2024-11-21 13:40 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219437
|
7.8 |
HIGH
Local
|
mongodb
|
mongodb
|
An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined c…
|
NVD-CWE-noinfo
|
CVE-2019-2390
|
2024-11-21 13:40 |
2019-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219438
|
4.2 |
MEDIUM
Local
|
mongodb
|
mongodb
|
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the Mo…
|
CWE-20
Improper Input Validation
|
CVE-2019-2389
|
2024-11-21 13:40 |
2019-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219439
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In the endCall() function of TelecomManager.java, there is a possible Denial of Service due to a missing permission check. This could lead to local denial of access to Emergency Services with User ex…
|
CWE-862
Missing Authorization
|
CVE-2019-2137
|
2024-11-21 13:40 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219440
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In Status::readFromParcel of Status.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileg…
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2019-2136
|
2024-11-21 13:40 |
2019-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
