Page 71 of 785 results (0.008 seconds)

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0

In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/106842 https://source.android.com/security/bulletin/2019-02-01 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117508900. • http://www.securityfocus.com/bid/106946 https://source.android.com/security/bulletin/2019-02-01 • CWE-330: Use of Insufficiently Random Values •

CVSS: 7.6EPSS: 0%CPEs: 6EXPL: 0

In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • http://www.securityfocus.com/bid/106946 https://source.android.com/security/bulletin/2019-02-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116791157. En llcp_link_proc_agf_pdu de llcp_link.cc en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9, existe una posible lectura fuera de límites debido a un desbordamiento de enteros. • http://www.securityfocus.com/bid/106495 https://source.android.com/security/bulletin/2019-01-01.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116722267. En llcp_dlc_proc_i_pdu de llcp_dlc.cc en Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 y Android-9, existe una posible lectura fuera de límites debido a una comprobación de límites incorrecta. • http://www.securityfocus.com/bid/106495 https://source.android.com/security/bulletin/2019-01-01.html • CWE-125: Out-of-bounds Read •