Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9262 | 1 Google | 1 Android | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111792351 | |||||
| CVE-2019-2123 | 1 Google | 1 Android | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9469 | 1 Google | 1 Android | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-130246677 | |||||
| CVE-2018-17463 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |||||
| CVE-2019-20601 | 2 Google, Samsung | 6 Android, Exynos 7570, Exynos 7580 and 3 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos7570, 7580, 7870, 7880, and 8890 chipsets) software. RKP memory corruption causes an arbitrary write to protected memory. The Samsung ID is SVE-2019-13921-2 (May 2019). | |||||
| CVE-2019-9418 | 1 Google | 1 Android | 2020-08-24 | 7.1 HIGH | 6.5 MEDIUM |
| In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450210 | |||||
| CVE-2018-21072 | 1 Google | 1 Android | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018). | |||||
| CVE-2019-9381 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In netd, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122677612 | |||||
| CVE-2019-9357 | 1 Google | 1 Android | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662995 | |||||
| CVE-2019-14319 | 3 Apple, Google, Tiktok | 3 Iphone Os, Android, Tiktok | 2020-08-24 | 3.3 LOW | 6.5 MEDIUM |
| The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network traffic. | |||||
| CVE-2019-9297 | 1 Google | 1 Android | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890242 | |||||
| CVE-2019-1998 | 1 Google | 1 Android | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| In event_handler of keymaster_app.c, there is possible resource exhaustion due to a table being lost on reboot. This could lead to local denial of service that is not fixed by a factory reset, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116055338. | |||||
| CVE-2019-9306 | 1 Google | 1 Android | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661348 | |||||
| CVE-2018-9488 | 1 Google | 1 Android | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376. | |||||
| CVE-2019-2175 | 1 Google | 1 Android | 2020-08-24 | 4.4 MEDIUM | 7.8 HIGH |
| In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2019-5679 | 2 Google, Nvidia | 2 Android, Shield Experience | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader contains a vulnerability in nvtboot where the Trusted OS image is improperly authenticated, which may lead to code execution, denial of service, escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges | |||||
| CVE-2019-9443 | 1 Google | 1 Android | 2020-08-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege due to a set_fs() call without restoring the previous limit with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-20610 | 2 Google, Samsung | 8 Android, Exynos 7570, Exynos 7870 and 5 more | 2020-08-24 | 9.3 HIGH | 8.1 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019). | |||||
| CVE-2019-9337 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 | |||||
| CVE-2019-2169 | 1 Google | 1 Android | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492282 | |||||