CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-2121
https://notcve.org/view.php?id=CVE-2019-2121
In ActivityManagerService.attachApplication of ActivityManagerService, there is a possible race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2120
https://notcve.org/view.php?id=CVE-2019-2120
In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there is a possible file corruption issue due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-14783
https://notcve.org/view.php?id=CVE-2019-14783
On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) software, FotaAgent allows a malicious application to create privileged files. The Samsung ID is SVE-2019-14764. En dispositivos móviles Samsung con software N (7.x) y O (8.x), P (9.0), FotaAgent permite que una aplicación maliciosa cree archivos privilegiados. La identificación de Samsung es SVE-2019-14764. • http://packetstormsecurity.com/files/154615/Samsung-Mobile-Android-FotaAgent-Arbitrary-File-Creation.html http://seclists.org/fulldisclosure/2019/Sep/33 https://security.samsungmobile.com/securityUpdate.smsb •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-5682
https://notcve.org/view.php?id=CVE-2019-5682
NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in the NVIDIA Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity, which may lead to code execution or denial of service. Shield TV Experience de NVIDIA anterior a versión v8.0, contiene una vulnerabilidad en la aplicación NVIDIA Games donde exporta inapropiadamente una Actividad pero no restringe apropiadamente qué aplicaciones pueden activar la Actividad, lo que puede conllevar a la ejecución del código o la denegación de servicio. • https://nvidia.custhelp.com/app/answers/detail/a_id/4804 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-5679
https://notcve.org/view.php?id=CVE-2019-5679
NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges Shield TV Experience de NVIDIA anterior a versión v8.0, el cargador de arranque de NVIDIA Tegra, contiene una vulnerabilidad en nvtboot donde la imagen de Trusted OS está autenticada inapropiadamente, lo que puede conllevar a la ejecución de código, denegación de servicio, escalada de privilegios y divulgación de información, ejecución de código, denegación de servicio o escalada de privilegios • https://nvidia.custhelp.com/app/answers/detail/a_id/4804 • CWE-287: Improper Authentication •