CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9537
https://notcve.org/view.php?id=CVE-2018-9537
In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. • http://www.securityfocus.com/bid/105865 https://source.android.com/security/bulletin/2018-11-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9540
https://notcve.org/view.php?id=CVE-2018-9540
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/105849 https://source.android.com/security/bulletin/2018-11-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9541
https://notcve.org/view.php?id=CVE-2018-9541
In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/105849 https://source.android.com/security/bulletin/2018-11-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9542
https://notcve.org/view.php?id=CVE-2018-9542
In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/105849 https://source.android.com/security/bulletin/2018-11-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2018-15835 – Android 5.0 Battery Information Broadcast Information Disclosure
https://notcve.org/view.php?id=CVE-2018-15835
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. Android, desde la versión 1.0 hasta la 9.0, tiene permisos inseguros. El ID de error de Android es 77286983. Android OS version 5.0 suffers from a sensitive data exposure vulnerability in its battery information broadcasts. • http://packetstormsecurity.com/files/150284/Android-5.0-Battery-Information-Broadcast-Information-Disclosure.html http://seclists.org/fulldisclosure/2018/Nov/35 https://wwws.nightwatchcybersecurity.com/2018/11/11/cve-2018-15835 • CWE-732: Incorrect Permission Assignment for Critical Resource •