CVE-2019-2211
- EPSS 0.67%
- Veröffentlicht 13.11.2019 18:15:12
- Zuletzt bearbeitet 21.11.2024 04:40:26
In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio...
CVE-2019-2212
- EPSS 0.17%
- Veröffentlicht 13.11.2019 18:15:12
- Zuletzt bearbeitet 21.11.2024 04:40:26
In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 A...
CVE-2019-2213
- EPSS 0.15%
- Veröffentlicht 13.11.2019 18:15:12
- Zuletzt bearbeitet 21.11.2024 04:40:26
In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...
CVE-2019-2214
- EPSS 0.33%
- Veröffentlicht 13.11.2019 18:15:12
- Zuletzt bearbeitet 21.11.2024 04:40:26
In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-2233
- EPSS 0.18%
- Veröffentlicht 13.11.2019 18:15:12
- Zuletzt bearbeitet 21.11.2024 04:40:29
In getUserCount and getCount of UserSwitcherController.java, there is possible new user creation due to a logic error. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution...
- EPSS 2.04%
- Veröffentlicht 13.11.2019 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:40:06
In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploit...
CVE-2019-2192
- EPSS 0.19%
- Veröffentlicht 13.11.2019 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:40:24
In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.P...
CVE-2019-2193
- EPSS 0.17%
- Veröffentlicht 13.11.2019 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:40:24
In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, wi...
CVE-2019-2195
- EPSS 0.2%
- Veröffentlicht 13.11.2019 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:40:24
In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...
CVE-2019-2196
- EPSS 0.4%
- Veröffentlicht 13.11.2019 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:40:24
In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 A...