CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9542
https://notcve.org/view.php?id=CVE-2018-9542
14 Nov 2018 — In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/105849 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9543
https://notcve.org/view.php?id=CVE-2018-9543
14 Nov 2018 — In trim_device of f2fs_format_utils.c, it is possible that the data partition is not wiped during a factory reset. This could lead to local information disclosure after factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/105849 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9347
https://notcve.org/view.php?id=CVE-2018-9347
14 Nov 2018 — In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect input validation causing an infinite loop. This could lead to a remote temporary DoS with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/105844 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 1CVE-2018-9539
https://notcve.org/view.php?id=CVE-2018-9539
14 Nov 2018 — In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. • https://github.com/tamirzb/CVE-2018-9539 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 5CVE-2018-15835 – Android 5.0 Battery Information Broadcast Information Disclosure
https://notcve.org/view.php?id=CVE-2018-15835
13 Nov 2018 — Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. Android, desde la versión 1.0 hasta la 9.0, tiene permisos inseguros. El ID de error de Android es 77286983. Android OS version 5.0 suffers from a sensitive data exposure vulnerability in its battery information broadcasts. • https://packetstorm.news/files/id/150284 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9458
https://notcve.org/view.php?id=CVE-2018-9458
06 Nov 2018 — In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while the screen was locked with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-71786287. En computeFocusedWindow de RootWindowContainer.java,y las funciones relaci... • http://www.securitytracker.com/id/1041432 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 5%CPEs: 7EXPL: 0CVE-2018-9459
https://notcve.org/view.php?id=CVE-2018-9459
06 Nov 2018 — In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. This could lead to a remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-66230183. En Attachment de Attachment.java y getFilePath de EmlAttachmentProvi... • http://www.securitytracker.com/id/1041432 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 7%CPEs: 7EXPL: 0CVE-2018-9355
https://notcve.org/view.php?id=CVE-2018-9355
06 Nov 2018 — In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74016921. En bta_dm_sdp_result de bta_dm_act.cc, hay una posible escritura en la pila fuera de límites debido a la falta de una... • http://www.securityfocus.com/bid/104461 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2018-9359
https://notcve.org/view.php?id=CVE-2018-9359
06 Nov 2018 — In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74196706. En process_l2cap_cmd de l2c_main.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de... • http://www.securityfocus.com/bid/104461 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2018-9361
https://notcve.org/view.php?id=CVE-2018-9361
06 Nov 2018 — In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74202041. En process_l2cap_cmd de l2c_main.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de... • http://www.securityfocus.com/bid/104461 • CWE-125: Out-of-bounds Read •