CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9506
https://notcve.org/view.php?id=CVE-2018-9506
02 Oct 2018 — In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111803925 En avrc_msg_cback de avrc_api.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de límit... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9507
https://notcve.org/view.php?id=CVE-2018-9507
02 Oct 2018 — In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111893951 En bta_av_proc_meta_cmd de bta_av_act.cc, hay una posible lectura fuera de límites debido a una comprobación ... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9508
https://notcve.org/view.php?id=CVE-2018-9508
02 Oct 2018 — In smp_process_keypress_notification of smp_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-111936834 En smp_process_keypress_notification de smp_act.cc, hay una posible lectura fuera de límites debido a una compr... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9509
https://notcve.org/view.php?id=CVE-2018-9509
02 Oct 2018 — In smp_proc_master_id of smp_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111937027 En smp_proc_master_id de smp_act.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación d... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9510
https://notcve.org/view.php?id=CVE-2018-9510
02 Oct 2018 — In smp_proc_enc_info of smp_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111937065 En smp_proc_enc_info de smp_act.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de ... • http://www.securityfocus.com/bid/105482 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9452
https://notcve.org/view.php?id=CVE-2018-9452
02 Oct 2018 — In getOffsetForHorizontal of Layout.java, there is a possible application hang due to a slow width calculation. This could lead to remote denial of service if a contact with many hidden unicode characters were sent to the device and used by a local app, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-78464361 En getOffsetForHorizontal de Layout.jav... • http://www.securityfocus.com/bid/105484 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9516 – kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c
https://notcve.org/view.php?id=CVE-2018-9516
02 Oct 2018 — In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580. En hid_debug_events_read de drivers/hid/hid-debug.c, hay una posible escritura fuera de límites debido a la falta de una comprobación de límites. • https://access.redhat.com/errata/RHSA-2019:2029 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 15EXPL: 0CVE-2018-9363 – kernel: Buffer overflow in hidp_process_report
https://notcve.org/view.php?id=CVE-2018-9363
02 Oct 2018 — In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel. Hay un desbordamiento de enteros en hidp_process_report en bluetooth. • https://access.redhat.com/errata/RHSA-2018:2948 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 22EXPL: 0CVE-2018-14825
https://notcve.org/view.php?id=CVE-2018-14825
24 Sep 2018 — On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android OS 6.0, CT50 running Android OS 6.0, D75e running Android OS 6.0, CT50 running Android OS 4.4, D75e running Android OS 4.4, CN51 running Android OS 6.0, EDA50k running Android 4.4, EDA50 running Android OS 7.1, EDA50k running Android OS 7.1, EDA70 running Android OS 7.1, EDA60k running Android OS 7.1, and EDA51 r... • http://www.securityfocus.com/bid/105767 • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2018-9488 – Android - 'zygote->init;' Chain from USB Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-9488
11 Sep 2018 — In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376. En los permisos SELinux de crash_dump.te, hay una omisión de permisos debido a la falta de una restricción. • https://packetstorm.news/files/id/149303 • CWE-863: Incorrect Authorization •