CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2123
https://notcve.org/view.php?id=CVE-2019-2123
05 Sep 2019 — In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. En la función execTransact del archivo Binder.java en Android versiones 7.1.1, 7.1.2, 8.0, 8.1 y 9, se presenta una posible ejecución local de código arbitrario en un proceso privilegiado ... • https://source.android.com/security/bulletin/2019-09-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2127
https://notcve.org/view.php?id=CVE-2019-2127
20 Aug 2019 — In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2136
https://notcve.org/view.php?id=CVE-2019-2136
20 Aug 2019 — In Status::readFromParcel of Status.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2135
https://notcve.org/view.php?id=CVE-2019-2135
20 Aug 2019 — In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2134
https://notcve.org/view.php?id=CVE-2019-2134
20 Aug 2019 — In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2133
https://notcve.org/view.php?id=CVE-2019-2133
20 Aug 2019 — In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2132
https://notcve.org/view.php?id=CVE-2019-2132
20 Aug 2019 — It is possible to overlay the VPN dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2131
https://notcve.org/view.php?id=CVE-2019-2131
20 Aug 2019 — An application with overlay permission can display overlays on top of settings UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2019-2130
https://notcve.org/view.php?id=CVE-2019-2130
20 Aug 2019 — In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2129
https://notcve.org/view.php?id=CVE-2019-2129
20 Aug 2019 — In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-08-01 • CWE-125: Out-of-bounds Read •