CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-5679
https://notcve.org/view.php?id=CVE-2019-5679
NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges Shield TV Experience de NVIDIA anterior a versión v8.0, el cargador de arranque de NVIDIA Tegra, contiene una vulnerabilidad en nvtboot donde la imagen de Trusted OS está autenticada inapropiadamente, lo que puede conllevar a la ejecución de código, denegación de servicio, escalada de privilegios y divulgación de información, ejecución de código, denegación de servicio o escalada de privilegios • https://nvidia.custhelp.com/app/answers/detail/a_id/4804 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-2119
https://notcve.org/view.php?id=CVE-2019-2119
In multiple functions of key_store_service.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-07-01 • CWE-667: Improper Locking •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-2118
https://notcve.org/view.php?id=CVE-2019-2118
In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-07-01 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2117
https://notcve.org/view.php?id=CVE-2019-2117
In checkQueryPermission of TelephonyProvider.java, there is a possible disclosure of secure data due to a missing permission check. This could lead to local information disclosure about carrier systems with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-07-01 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2116
https://notcve.org/view.php?id=CVE-2019-2116
In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-07-01 • CWE-125: Out-of-bounds Read •