CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2052
https://notcve.org/view.php?id=CVE-2019-2052
08 May 2019 — In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117556606 En VisitPointers de heap.cc, hay una posible lectura fuera de límites debido a la confusión de tipo. Esto podría conducir a la divulgación de información remota s... • https://source.android.com/security/bulletin/2019-05-01 • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2051
https://notcve.org/view.php?id=CVE-2019-2051
08 May 2019 — In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117555811 En la carga de spaces.h, hay una posible lectura fuera de límites debido a una comprobación de entrada inc... • https://source.android.com/security/bulletin/2019-05-01 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-2050
https://notcve.org/view.php?id=CVE-2019-2050
08 May 2019 — In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android ID: A-121327323 En la interfaz tearDownClientInterface de WificondControl.java, hay un posible uso de memoria previamente liberada debido a un bloqueo inadecuado. Esto podría llevar a u... • https://source.android.com/security/bulletin/2019-05-01 • CWE-416: Use After Free CWE-667: Improper Locking •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-2049
https://notcve.org/view.php?id=CVE-2019-2049
08 May 2019 — In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9 Android ID: A-120445479 En SendMediaUpdate y SendFolderUpdate de avrcp_service.cc, hay un posible daño en la memoria debido a un acceso despues de liberarla. Esto podría llevar a u... • https://source.android.com/security/bulletin/2019-05-01 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2047
https://notcve.org/view.php?id=CVE-2019-2047
08 May 2019 — In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117607414 En UpdateLoadElement de ic.cc, existe una posible escritura fuera de límites a causa de la confusión de tipo. Esto podría llevar a... • https://source.android.com/security/bulletin/2019-05-01 • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2019-2046
https://notcve.org/view.php?id=CVE-2019-2046
08 May 2019 — In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117556220 En CalculateInstanceSizeForDerivedClass de objects.cc, es posible que se dañe la memoria a causa de un de... • https://source.android.com/security/bulletin/2019-05-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2045
https://notcve.org/view.php?id=CVE-2019-2045
08 May 2019 — In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117554758 En JSCallTyper de typer.cc, hay una escritura fuera de límites producto de una comprobación de límites incorrecta. Esto podría llevar a la eje... • https://source.android.com/security/bulletin/2019-05-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 6EXPL: 0CVE-2019-2044
https://notcve.org/view.php?id=CVE-2019-2044
08 May 2019 — In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-123701862 En MakeMP> G4VideoCodecSpecificData de APacketSource.cpp, se presenta una posible escritura fuera de l... • https://source.android.com/security/bulletin/2019-05-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2043
https://notcve.org/view.php?id=CVE-2019-2043
08 May 2019 — In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-120484087 En SmsDefaultDialog.onStart de SmsDefaultDialog.java, hay ... • http://www.securityfocus.com/bid/108240 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-2037
https://notcve.org/view.php?id=CVE-2019-2037
19 Apr 2019 — In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out-of-bound read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. • https://source.android.com/security/bulletin/2019-04-01 • CWE-125: Out-of-bounds Read •