Max CVSS 9.3 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-6271 9.3
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-8
03-10-2019 - 00:03 13-02-2019 - 22:29
CVE-2018-6267 9.3
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of pr
03-10-2019 - 00:03 13-02-2019 - 22:29
CVE-2019-1999 7.2
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for ex
14-05-2019 - 23:29 28-02-2019 - 17:29
CVE-2018-6268 9.3
NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.
02-04-2019 - 18:30 13-02-2019 - 22:29
CVE-2019-1992 7.6
In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:
01-03-2019 - 16:50 28-02-2019 - 17:29
CVE-2019-1995 2.1
In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending files accessible to AOSP Mail to a remote email reci
01-03-2019 - 16:49 28-02-2019 - 17:29
CVE-2019-1998 4.9
In event_handler of keymaster_app.c, there is possible resource exhaustion due to a table being lost on reboot. This could lead to local denial of service that is not fixed by a factory reset, with no additional execution privileges needed. User inte
01-03-2019 - 16:48 28-02-2019 - 17:29
CVE-2019-1996 3.3
In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not
01-03-2019 - 16:48 28-02-2019 - 17:29
CVE-2019-2000 7.2
In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:
01-03-2019 - 16:39 28-02-2019 - 17:29
CVE-2019-1991 9.3
In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: And
01-03-2019 - 16:34 28-02-2019 - 17:29
CVE-2019-1997 5.0
In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User
01-03-2019 - 16:21 28-02-2019 - 17:29
CVE-2019-1994 9.3
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. Use
01-03-2019 - 16:04 28-02-2019 - 17:29
CVE-2019-1993 7.2
In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product
01-03-2019 - 15:58 28-02-2019 - 17:29
CVE-2019-1988 9.3
In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is needed for exploitat
01-03-2019 - 15:56 28-02-2019 - 17:29
CVE-2019-2001 2.1
The permissions on /proc/iomem were world-readable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android I
01-03-2019 - 15:54 28-02-2019 - 17:29
CVE-2019-1987 9.3
In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: A
01-03-2019 - 13:55 28-02-2019 - 17:29
CVE-2019-1986 9.3
In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction
01-03-2019 - 12:47 28-02-2019 - 17:29
Back to Top Mark selected
Back to Top