Page 7 of 12567 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/2018-07-01 • CWE-416: Use After Free •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation. • https://source.android.com/security/bulletin/2018-07-01 •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. • https://source.android.com/security/bulletin/2018-07-01 • CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/2018-07-01 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. • https://source.android.com/security/bulletin/2018-07-01 • CWE-125: Out-of-bounds Read •