CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9490
https://notcve.org/view.php?id=CVE-2018-9490
02 Oct 2018 — In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111274046 En CollectValuesOrEntriesImpl de elements.cc, hay uan posible ejecución remota de código debido a una confusión de tipos. • http://www.securityfocus.com/bid/105484 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9491
https://notcve.org/view.php?id=CVE-2018-9491
02 Oct 2018 — In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111603051 En AMediaCodecCryptoInfo_new de NdkMediaCodec.cpp, hay una posible escritura fuera de límites debido a un desbordam... • http://www.securityfocus.com/bid/105484 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-9493
https://notcve.org/view.php?id=CVE-2018-9493
02 Oct 2018 — In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900 En el proveedor de contenidos del gestor de descargas, hay una posible inyección SQL debido a una validación de entradas in... • https://github.com/IOActive/AOSP-DownloadProviderDbDumper • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9497
https://notcve.org/view.php?id=CVE-2018-9497
02 Oct 2018 — In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-74078669 En impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 de impeg2_format_conv.s, hay una posible escritura fuera de límites... • http://www.securityfocus.com/bid/105481 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9498
https://notcve.org/view.php?id=CVE-2018-9498
02 Oct 2018 — In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855 En SkSampler::Fill de SkSampler.cpp, hay una posible escritura fuera de límites debido a un búfer no inicializado. Esto podría llevar a la ejecución remota de ... • http://www.securityfocus.com/bid/105481 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2018-9499
https://notcve.org/view.php?id=CVE-2018-9499
02 Oct 2018 — In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This could lead to local information disclosure from the DRM server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-79218474 En readVector de iCrypto.cpp, hay una posible lectura no válida debido a datos no inicializados. Esto podría llevar a una divulgaci... • http://www.securityfocus.com/bid/105481 • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9502
https://notcve.org/view.php?id=CVE-2018-9502
02 Oct 2018 — In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111936792 En rfc_process_mx_message de rfc_ts_frames.cc, hay una posible lectura fuera de límites debido a ... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9503
https://notcve.org/view.php?id=CVE-2018-9503
02 Oct 2018 — In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-80432928 En rfc_process_mx_message de rfc_ts_frames.cc, hay una posible lectura fuera de límites debido a la falta de una comprobaci... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9504
https://notcve.org/view.php?id=CVE-2018-9504
02 Oct 2018 — In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110216176 En sdp_copy_raw_data de sdp_discovery.cc, hay una posible escritura fuera de límites debido a una comprobación de lí... • http://www.securityfocus.com/bid/105482 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9505
https://notcve.org/view.php?id=CVE-2018-9505
02 Oct 2018 — In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110791536 En mca_ccb_hdl_req de mca_cact.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de lí... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •