5670 results (0.004 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. • https://source.android.com/security/bulletin/2018-09-01 •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

In hidh_l2cif_data_ind of hidh_conn.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/2018-09-01 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/2018-09-01 • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/2018-09-01 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

In bta_dm_remove_sec_dev_entry of bta_dm_act.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/2018-09-01 • CWE-125: Out-of-bounds Read CWE-416: Use After Free •