CVE-2018-9466
- EPSS 0.3%
- Veröffentlicht 19.11.2024 23:15:04
- Zuletzt bearbeitet 03.11.2025 22:15:45
In the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exp...
CVE-2018-9420
- EPSS 0.08%
- Veröffentlicht 19.11.2024 22:15:19
- Zuletzt bearbeitet 22.11.2024 22:06:41
In BnCameraService::onTransact of CameraService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed ...
CVE-2018-9421
- EPSS 0.08%
- Veröffentlicht 19.11.2024 22:15:19
- Zuletzt bearbeitet 22.11.2024 22:05:41
In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee...
CVE-2018-9424
- EPSS 0.08%
- Veröffentlicht 19.11.2024 22:15:19
- Zuletzt bearbeitet 22.11.2024 21:26:59
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e...
CVE-2018-9428
- EPSS 0.08%
- Veröffentlicht 19.11.2024 22:15:19
- Zuletzt bearbeitet 22.11.2024 22:04:52
In startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a use after free. This could lead to local arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitati...
CVE-2018-9432
- EPSS 0.08%
- Veröffentlicht 19.11.2024 22:15:19
- Zuletzt bearbeitet 22.11.2024 21:11:15
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to con...
CVE-2018-9433
- EPSS 0.25%
- Veröffentlicht 19.11.2024 22:15:19
- Zuletzt bearbeitet 22.11.2024 21:13:28
In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9411
- EPSS 0.55%
- Veröffentlicht 19.11.2024 22:15:18
- Zuletzt bearbeitet 22.11.2024 22:30:25
In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9412
- EPSS 0.08%
- Veröffentlicht 19.11.2024 22:15:18
- Zuletzt bearbeitet 19.03.2025 18:15:16
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9417
- EPSS 0.08%
- Veröffentlicht 19.11.2024 22:15:18
- Zuletzt bearbeitet 22.11.2024 22:08:46
In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.