Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.67%
  • Veröffentlicht 13.11.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:40:26

In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio...

  • EPSS 0.17%
  • Veröffentlicht 13.11.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:40:26

In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 A...

  • EPSS 0.15%
  • Veröffentlicht 13.11.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:40:26

In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...

  • EPSS 0.33%
  • Veröffentlicht 13.11.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:40:26

In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

  • EPSS 0.18%
  • Veröffentlicht 13.11.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:40:29

In getUserCount and getCount of UserSwitcherController.java, there is possible new user creation due to a logic error. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution...

  • EPSS 2.04%
  • Veröffentlicht 13.11.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:40:06

In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploit...

  • EPSS 0.19%
  • Veröffentlicht 13.11.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:40:24

In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.P...

  • EPSS 0.17%
  • Veröffentlicht 13.11.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:40:24

In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, wi...

  • EPSS 0.2%
  • Veröffentlicht 13.11.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:40:24

In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...

  • EPSS 0.4%
  • Veröffentlicht 13.11.2019 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:40:24

In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 A...