CVE-2019-1988
- EPSS 1.91%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:49
In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is needed for exploitat...
CVE-2019-1991
- EPSS 2.03%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:50
In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: And...
CVE-2019-1992
- EPSS 1.34%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:50
In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: ...
CVE-2019-1993
- EPSS 0.18%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:50
In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product...
CVE-2019-1994
- EPSS 1.01%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:50
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. Use...
CVE-2019-1995
- EPSS 0.18%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:50
In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending files accessible to AOSP Mail to a remote email reci...
CVE-2019-1996
- EPSS 0.49%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:50
In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not ...
CVE-2019-1997
- EPSS 0.86%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:51
In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User ...
CVE-2019-1998
- EPSS 0.18%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:51
In event_handler of keymaster_app.c, there is possible resource exhaustion due to a table being lost on reboot. This could lead to local denial of service that is not fixed by a factory reset, with no additional execution privileges needed. User inte...
CVE-2019-1999
- EPSS 0.79%
- Veröffentlicht 28.02.2019 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:37:51
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for ex...