Total
7074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-2135 | 1 Google | 1 Android | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-125900276. | |||||
| CVE-2019-2129 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-124781927. | |||||
| CVE-2019-2116 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117105007. | |||||
| CVE-2019-2101 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-111760968. | |||||
| CVE-2019-2088 | 1 Google | 1 Android | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
| In StatsService, there is a possible out of bounds read. This could lead to local information disclosure if UBSAN were not enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-143895055 | |||||
| CVE-2019-2079 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115509210 | |||||
| CVE-2019-2060 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112709994 | |||||
| CVE-2019-2058 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libAACdec, there is a possible out of bounds read. This could lead to remote information disclosure, with no additional execution privileges needed. User interaction is needed for exploitation.Product: Android Versions: Android-10 Android ID: A-136089102 | |||||
| CVE-2019-2053 | 1 Google | 1 Android | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-122074159 | |||||
| CVE-2019-2052 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117556606 | |||||
| CVE-2019-2051 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117555811 | |||||
| CVE-2019-2040 | 1 Google | 1 Android | 2024-11-21 | 4.7 MEDIUM | 5.0 MEDIUM |
| In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122316913. | |||||
| CVE-2019-2039 | 1 Google | 1 Android | 2024-11-21 | 4.7 MEDIUM | 5.0 MEDIUM |
| In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-121260197. | |||||
| CVE-2019-2038 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In rw_i93_process_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-121259048. | |||||
| CVE-2019-2037 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out-of-bound read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-119870451. | |||||
| CVE-2019-2022 | 1 Google | 1 Android | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| In rw_t3t_act_handle_fmt_rsp and rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120506143 | |||||
| CVE-2019-2021 | 1 Google | 1 Android | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| In rw_t3t_act_handle_ndef_detect_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120428041 | |||||
| CVE-2019-2020 | 1 Google | 1 Android | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| In llcp_dlc_proc_rr_rnr_pdu of llcp_dlc.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-116788646 | |||||
| CVE-2019-2019 | 1 Google | 1 Android | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-115635871 | |||||
| CVE-2019-25160 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both errors are embarassingly simple, and the fixes are straightforward. As a FYI for anyone backporting this patch to kernels prior to v4.8, you'll want to apply the netlbl_bitmap_walk() patch to cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before Linux v4.8. | |||||