CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-1996
https://notcve.org/view.php?id=CVE-2019-1996
28 Feb 2019 — In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/106946 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-1997
https://notcve.org/view.php?id=CVE-2019-1997
28 Feb 2019 — In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117508900. • http://www.securityfocus.com/bid/106946 • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-9582
https://notcve.org/view.php?id=CVE-2018-9582
11 Feb 2019 — In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the unknown source warning due to a confused deputy scenario. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-112031362. En el instalador de paquetes en Android-8.0, Android-8.1 y Android-9, existe una posible omisión de la advertencia de fuente desconocida debido a un escenario de "agente confuso" (confu... • http://www.securityfocus.com/bid/106474 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9586
https://notcve.org/view.php?id=CVE-2018-9586
11 Feb 2019 — In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, it is possible that package verification is turned off and remains off due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116754444. Al ejecutar InstallPackageTask.java en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9, es po... • http://www.securityfocus.com/bid/106495 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9587
https://notcve.org/view.php?id=CVE-2018-9587
11 Feb 2019 — In savePhotoFromUriToUri of ContactPhotoUtils.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is possible unauthorized access to files within the contact app due to a confused deputy scenario. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Android ID: A-113597344. En savePhotoFromUriToUri de ContactPhotoUtils.java en Android-7.0, Android-7.1.1, Android-7.1.2, Androi... • http://www.securityfocus.com/bid/106495 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9585
https://notcve.org/view.php?id=CVE-2018-9585
11 Feb 2019 — In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-117554809. En nfc_ncif_proc_get_routing de nfc_ncif.cc en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9, existe una p... • http://www.securityfocus.com/bid/106495 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9584
https://notcve.org/view.php?id=CVE-2018-9584
11 Feb 2019 — In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-114047681. En nfc_ncif_set_config_status de nfc_ncif.cc en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9, existe una... • http://www.securityfocus.com/bid/106495 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2018-9583
https://notcve.org/view.php?id=CVE-2018-9583
11 Feb 2019 — In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-112860487. En bta_ag_parse_cmer de bta_ag_cmd.cc en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9, existe u... • http://www.securityfocus.com/bid/106495 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9588
https://notcve.org/view.php?id=CVE-2018-9588
11 Feb 2019 — In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-111450156. En avdt_scb_hdl_report de avdt_scb_act.cc en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9, ex... • http://www.securityfocus.com/bid/106495 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9589
https://notcve.org/view.php?id=CVE-2018-9589
11 Feb 2019 — In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi driver with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-111893132. En ieee802_11_rx_wnmsleep_req de wnm_ap.c en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9,... • http://www.securityfocus.com/bid/106495 • CWE-125: Out-of-bounds Read •