CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-2212
https://notcve.org/view.php?id=CVE-2019-2212
13 Nov 2019 — In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139690488 En la función poisson_distribution de aleatoriedad , hay una lectura fuera de límites. Esto podría conllevar a una divulgación de información local sin ser necesarios privilegios de ejecución adicionales. No... • https://source.android.com/security/bulletin/2019-11-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-2207
https://notcve.org/view.php?id=CVE-2019-2207
13 Nov 2019 — In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-124524315 En la función nfa_hci_handle_admin_gate_rsp del archivo nfa_hci_act.cc, hay una posible escritura fuera de límite debido a la falta de comprobaciones de límite... • https://source.android.com/security/bulletin/2019-11-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 0CVE-2019-2206
https://notcve.org/view.php?id=CVE-2019-2206
13 Nov 2019 — In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139188579 En la función rw_i93_sm_set_read_only del archivo rw_i93.cc, hay una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría c... • https://source.android.com/security/bulletin/2019-11-01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 7%CPEs: 4EXPL: 1CVE-2019-2205
https://notcve.org/view.php?id=CVE-2019-2205
13 Nov 2019 — In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139806216 En la función ProxyResolverV8::SetPacScript del archivo proxy_resolver_v8.cc, hay una posible corrupción de memoria debido a un uso de la memoria previamente li... • https://github.com/aemmitt-ns/pacpoc • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2019-2204
https://notcve.org/view.php?id=CVE-2019-2204
13 Nov 2019 — In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to remote code execution in the pacprocessor with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-138442295 En FindSharedFunctionInfo de objects.cc, hay una posible lectura fuera de los límites debido a un error en el recorrido AST. Esto podría conducir a la ejecución remo... • https://source.android.com/security/bulletin/2020-01-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-2203
https://notcve.org/view.php?id=CVE-2019-2203
13 Nov 2019 — In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-137370777 En la función CryptoPlugin::decrypt del archivo CryptoPlugin.cpp, hay una posible escritura fuera de límites debido a un desbordamiento del búfer de la pila... • https://source.android.com/security/bulletin/2019-11-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2202
https://notcve.org/view.php?id=CVE-2019-2202
13 Nov 2019 — In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-137283376 En la función CryptoPlugin::decrypt del archivo CryptoPlugin.cpp, se presenta una posible escritura fuera de límites debido a un desbordamiento del búfer de la pila. Esto podría co... • https://source.android.com/security/bulletin/2019-11-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0CVE-2019-2201 – Ubuntu Security Notice USN-4190-1
https://notcve.org/view.php?id=CVE-2019-2201
13 Nov 2019 — In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338 En la función generate_jsimd_ycc_rgb_convert_neon del archivo jsimd_arm64_neon.S, hay una posible escritura fuera de límites ... • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-2197
https://notcve.org/view.php?id=CVE-2019-2197
13 Nov 2019 — In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-138529441 En la función processPhonebookAccess del archivo CachedBluetoothDevice.java, hay una posible omisión de permisos debido a ... • https://source.android.com/security/bulletin/2019-11-01 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-2211
https://notcve.org/view.php?id=CVE-2019-2211
13 Nov 2019 — In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269669 En la función createProjectionMapForQuery del archivo TvProvider.java, hay una posible inyección SQL. Esto podría conllevar a una divulgación de información local sin ser necesarios privileg... • https://source.android.com/security/bulletin/2019-11-01 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •