|
222731
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In HIDL, safe_union, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution pri…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-2104
|
2024-11-21 13:40 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222732
|
7.8 |
HIGH
Local
|
google
|
android
|
In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges n…
|
CWE-416
CWE-667
Use After Free
Improper Locking
|
CVE-2019-2025
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222733
|
7.8 |
HIGH
Local
|
google
|
android
|
In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i…
|
CWE-416
Use After Free
|
CVE-2019-2024
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222734
|
7.8 |
HIGH
Local
|
google
|
android
|
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with it…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-2023
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222735
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In rw_t3t_act_handle_fmt_rsp and rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no a…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-2022
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222736
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In rw_t3t_act_handle_ndef_detect_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution pr…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-2021
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222737
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In llcp_dlc_proc_rr_rnr_pdu of llcp_dlc.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privilege…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-2020
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222738
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed.…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-2019
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222739
|
8.8 |
HIGH
Network
|
google
|
android
|
In resetPasswordInternal of DevicePolicyManagerService.java, there is a possible bypass of password reset protection due to an unusual root cause. Remote user interaction is needed for exploitation.P…
|
CWE-287
Improper Authentication
|
CVE-2019-2018
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222740
|
7.8 |
HIGH
Local
|
google
|
android
|
In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-2017
|
2024-11-21 13:40 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
