CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2091
https://notcve.org/view.php?id=CVE-2019-2091
07 Jun 2019 — In GetPermittedAccessibilityServicesForUser of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1. • https://source.android.com/security/bulletin/2019-06-01 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2090
https://notcve.org/view.php?id=CVE-2019-2090
07 Jun 2019 — In isPackageDeviceAdminOnAnyUser of PackageManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-06-01 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2053
https://notcve.org/view.php?id=CVE-2019-2053
08 May 2019 — In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-122074159 En wnm_parse_neighbor_report_elem de wnm_sta.c, hay una posible lectura fuera de límites debido a la falta de verificación de ... • https://source.android.com/security/bulletin/2019-05-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2052
https://notcve.org/view.php?id=CVE-2019-2052
08 May 2019 — In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117556606 En VisitPointers de heap.cc, hay una posible lectura fuera de límites debido a la confusión de tipo. Esto podría conducir a la divulgación de información remota s... • https://source.android.com/security/bulletin/2019-05-01 • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2051
https://notcve.org/view.php?id=CVE-2019-2051
08 May 2019 — In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117555811 En la carga de spaces.h, hay una posible lectura fuera de límites debido a una comprobación de entrada inc... • https://source.android.com/security/bulletin/2019-05-01 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-2050
https://notcve.org/view.php?id=CVE-2019-2050
08 May 2019 — In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android ID: A-121327323 En la interfaz tearDownClientInterface de WificondControl.java, hay un posible uso de memoria previamente liberada debido a un bloqueo inadecuado. Esto podría llevar a u... • https://source.android.com/security/bulletin/2019-05-01 • CWE-416: Use After Free CWE-667: Improper Locking •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2047
https://notcve.org/view.php?id=CVE-2019-2047
08 May 2019 — In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117607414 En UpdateLoadElement de ic.cc, existe una posible escritura fuera de límites a causa de la confusión de tipo. Esto podría llevar a... • https://source.android.com/security/bulletin/2019-05-01 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2019-2046
https://notcve.org/view.php?id=CVE-2019-2046
08 May 2019 — In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117556220 En CalculateInstanceSizeForDerivedClass de objects.cc, es posible que se dañe la memoria a causa de un de... • https://source.android.com/security/bulletin/2019-05-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2045
https://notcve.org/view.php?id=CVE-2019-2045
08 May 2019 — In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117554758 En JSCallTyper de typer.cc, hay una escritura fuera de límites producto de una comprobación de límites incorrecta. Esto podría llevar a la eje... • https://source.android.com/security/bulletin/2019-05-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 6EXPL: 0CVE-2019-2044
https://notcve.org/view.php?id=CVE-2019-2044
08 May 2019 — In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-123701862 En MakeMP> G4VideoCodecSpecificData de APacketSource.cpp, se presenta una posible escritura fuera de l... • https://source.android.com/security/bulletin/2019-05-01 • CWE-787: Out-of-bounds Write •