CVE-2019-2094
- EPSS 1.09%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:13
In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. P...
CVE-2019-2095
- EPSS 0.68%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:13
In callGenIDChangeListeners and related functions of SkPixelRef.cpp, there is a possible use after free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for e...
CVE-2019-2096
- EPSS 0.17%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:13
In EffectRelease of EffectBundle.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for ...
- EPSS 1.33%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:13
In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote code execution from a malicious proxy configuration, with no additional execution privileges needed. User inter...
CVE-2019-2098
- EPSS 0.15%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:13
In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User interacti...
CVE-2019-2099
- EPSS 0.57%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:13
In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploi...
CVE-2019-2101
- EPSS 0.4%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:13
In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ...
CVE-2019-2102
- EPSS 0.33%
- Veröffentlicht 07.06.2019 20:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:14
In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired And...
CVE-2019-2090
- EPSS 0.13%
- Veröffentlicht 07.06.2019 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:40:12
In isPackageDeviceAdminOnAnyUser of PackageManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is ...
- EPSS 1.36%
- Veröffentlicht 08.05.2019 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:07
In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploit...