CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1351 CVE-2019-9427 416 2019-09-27 2019-10-01
2.1
None Local Low Not required Partial None None
In Bluetooth, there is a possible information disclosure due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110166350
1352 CVE-2019-9426 787 2019-09-06 2019-09-09
4.6
None Local Low Not required Partial Partial Partial
In the Android kernel in Bluetooth there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
1353 CVE-2019-9425 125 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110846194
1354 CVE-2019-9424 200 +Info 2019-09-27 2019-09-30
4.3
None Remote Medium Not required Partial None None
In the Screen Lock, there is a possible information disclosure due to an unusual root cause. In certain circumstances, the setting to hide the unlock pattern can be ignored. Product: AndroidVersions: Android-10Android ID: A-110941092
1355 CVE-2019-9423 787 2019-09-27 2020-12-05
4.6
None Local Low Not required Partial Partial Partial
In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616
1356 CVE-2019-9422 125 2019-09-27 2019-09-30
5.0
None Remote Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214766
1357 CVE-2019-9421 125 Overflow 2019-09-27 2020-08-24
1.9
None Local Medium Not required Partial None None
In libandroidfw, there is a possible OOB read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215250
1358 CVE-2019-9420 125 DoS Overflow 2019-09-27 2020-08-24
4.3
None Remote Medium Not required None None Partial
In libhevc, there is a possible out of bounds read due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111272481
1359 CVE-2019-9419 125 2019-09-27 2019-09-30
5.0
None Remote Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111407544
1360 CVE-2019-9418 20 DoS 2019-09-27 2020-08-24
7.1
None Remote Medium Not required None None Complete
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450210
1361 CVE-2019-9417 125 2019-09-27 2019-09-30
2.1
None Local Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450079
1362 CVE-2019-9416 1187 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111804142
1363 CVE-2019-9415 1187 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111805098
1364 CVE-2019-9414 20 2019-09-27 2019-10-02
4.3
None Remote Medium Not required Partial None None
In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041
1365 CVE-2019-9413 125 2019-09-27 2019-09-30
5.0
None Remote Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111935831
1366 CVE-2019-9412 125 2019-09-27 2019-09-30
4.3
None Remote Medium Not required Partial None None
In libSBRdec there is a possible out of bounds read due to incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112006096
1367 CVE-2019-9411 1187 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204845
1368 CVE-2019-9410 1187 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204443
1369 CVE-2019-9409 1187 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112272091
1370 CVE-2019-9408 1187 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112380157
1371 CVE-2019-9407 Bypass 2019-09-27 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112434609
1372 CVE-2019-9406 1187 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552517
1373 CVE-2019-9405 787 Exec Code Overflow 2019-09-27 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890225
1374 CVE-2019-9404 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112923309
1375 CVE-2019-9403 125 2019-09-27 2019-09-30
4.3
None Remote Medium Not required Partial None None
In cn-cbor, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113512324
1376 CVE-2019-9402 119 DoS Overflow 2019-09-27 2021-07-21
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115372550
1377 CVE-2019-9401 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115375248
1378 CVE-2019-9400 476 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115509589
1379 CVE-2019-9399 326 2019-09-27 2021-07-21
4.3
None Remote Medium Not required Partial None None
The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115635664
1380 CVE-2019-9398 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115745406
1381 CVE-2019-9397 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747410
1382 CVE-2019-9396 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747155
1383 CVE-2019-9395 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116267405
1384 CVE-2019-9394 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116351796
1385 CVE-2019-9393 20 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116357965
1386 CVE-2019-9391 125 2019-09-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
In libxaac, there is a possible out of bounds read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111050781
1387 CVE-2019-9390 125 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117551475
1388 CVE-2019-9389 125 DoS 2019-09-27 2019-09-30
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117567058
1389 CVE-2019-9388 125 2019-09-27 2019-09-30
5.0
None Remote Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117567437
1390 CVE-2019-9387 125 2019-09-27 2019-09-30
5.0
None Remote Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117569833
1391 CVE-2019-9386 787 2019-09-27 2019-10-02
6.9
None Local Medium Not required Complete Complete Complete
In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122361874
1392 CVE-2019-9385 125 2019-09-27 2019-09-30
4.3
None Remote Medium Not required Partial None None
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120452956
1393 CVE-2019-9384 Bypass 2019-09-27 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
In LockPatternUtils, there is a possible escalation of privilege due to an improper permissions check. This could lead to local bypass of the Lockguard with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120568007
1394 CVE-2019-9383 125 2019-09-27 2019-10-02
1.9
None Local Medium Not required Partial None None
In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120843827
1395 CVE-2019-9382 787 Exec Code 2019-09-27 2019-09-30
6.8
None Remote Medium Not required Partial Partial Partial
In libeffects, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120874654
1396 CVE-2019-9381 125 2019-09-27 2020-08-24
5.0
None Remote Low Not required Partial None None
In netd, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122677612
1397 CVE-2019-9380 862 2019-09-27 2019-10-02
4.3
None Remote Medium Not required None Partial None
In the settings UI, there is a possible spoofing vulnerability due to a missing permission check. This could lead to a user mistakenly changing permission settings with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123700098
1398 CVE-2019-9379 20 DoS 2019-09-27 2020-08-24
7.1
None Remote Medium Not required None None Complete
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124329638
1399 CVE-2019-9378 732 Bypass 2019-09-27 2019-10-03
4.6
None Local Low Not required Partial Partial Partial
In the Activity Manager service, there is a possible permission bypass due to incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124539196
1400 CVE-2019-9377 862 Bypass 2019-09-27 2019-10-07
2.1
None Local Low Not required Partial None None
In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to a local information disclosure of metadata about the biometrics of another user on the device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128599663
Total number of vulnerabilities : 3865   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 (This Page)29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.