CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1451 CVE-2019-9323 862 2019-09-27 2019-10-01
5.0
None Remote Low Not required Partial None None
In the Wallpaper Manager service, there is a possible information disclosure due to a missing permission check. Any application can access wallpaper image with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-30770233
1452 CVE-2019-9322 908 2019-09-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111128067
1453 CVE-2019-9321 909 2019-09-27 2019-10-01
4.3
None Remote Medium Not required Partial None None
In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111208713
1454 CVE-2019-9320 909 2019-09-27 2019-10-03
4.3
None Remote Medium Not required Partial None None
In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111761624
1455 CVE-2019-9319 909 2019-09-27 2019-09-30
4.3
None Remote Medium Not required Partial None None
In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762100
1456 CVE-2019-9318 909 2019-09-27 2019-10-01
4.3
None Remote Medium Not required Partial None None
In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764725
1457 CVE-2019-9317 909 2019-09-27 2019-09-30
4.3
None Remote Medium Not required Partial None None
In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052258
1458 CVE-2019-9316 909 2019-09-27 2019-10-01
4.3
None Remote Medium Not required Partial None None
In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052432
1459 CVE-2019-9315 909 2019-09-27 2019-10-02
4.3
None Remote Medium Not required Partial None None
In libhevc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326216
1460 CVE-2019-9314 909 2019-09-27 2019-10-02
4.3
None Remote Medium Not required Partial None None
In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112329563
1461 CVE-2019-9313 909 2019-09-27 2019-10-04
4.3
None Remote Medium Not required Partial None None
In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112005441
1462 CVE-2019-9312 125 2019-09-27 2019-10-07
2.1
None Local Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-78288018
1463 CVE-2019-9311 190 DoS Overflow 2019-09-27 2019-10-01
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is a possible crash due to an integer overflow. This could lead to remote denial of service on incoming calls with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79431031
1464 CVE-2019-9310 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112891546
1465 CVE-2019-9309 787 2019-09-27 2019-10-02
4.4
None Local Medium Not required Partial Partial Partial
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117985575
1466 CVE-2019-9308 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661742
1467 CVE-2019-9307 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661893
1468 CVE-2019-9306 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661348
1469 CVE-2019-9305 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661835
1470 CVE-2019-9304 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662270
1471 CVE-2019-9303 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661057
1472 CVE-2019-9302 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661356
1473 CVE-2019-9301 787 Exec Code Overflow 2019-09-27 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663384
1474 CVE-2019-9300 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661610
1475 CVE-2019-9299 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663886
1476 CVE-2019-9298 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112892194
1477 CVE-2019-9297 787 Exec Code Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890242
1478 CVE-2019-9296 125 2019-09-27 2019-10-02
1.9
None Local Medium Not required Partial None None
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112162089
1479 CVE-2019-9295 862 Bypass 2019-09-27 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
In com.android.apps.tag, there is a possible bypass of user interaction requirements due to a missing permission check. This could lead to a to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-36885811
1480 CVE-2019-9294 125 2019-09-27 2019-10-01
4.3
None Remote Medium Not required Partial None None
In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111764444
1481 CVE-2019-9293 125 2019-09-27 2019-10-01
4.3
None Remote Medium Not required Partial None None
In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661116
1482 CVE-2019-9292 610 2019-09-27 2021-07-21
2.1
None Local Low Not required Partial None None
In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of current foreground process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115384617
1483 CVE-2019-9291 770 Exec Code 2019-09-27 2019-10-01
6.8
None Remote Medium Not required Partial Partial Partial
In Bluetooth, there is a possible remote code execution due to an improper memory allocation. This could lead to remote code execution in Bluetooth with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112159179
1484 CVE-2019-9290 770 Mem. Corr. 2019-09-27 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In tzdata there is possible memory corruption due to a mismatch between allocation and deallocation functions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113039724
1485 CVE-2019-9289 125 2019-09-27 2019-10-01
2.1
None Local Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79883824
1486 CVE-2019-9288 787 Exec Code 2019-09-27 2020-03-15
4.6
None Local Low Not required Partial Partial Partial
In libhidcommand_jni, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the USB service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android Versions: Android-10 Android ID: A-111363077
1487 CVE-2019-9287 125 2019-09-27 2019-10-04
2.1
None Local Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-78287084
1488 CVE-2019-9286 125 2019-09-27 2019-10-01
5.0
None Remote Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111213909
1489 CVE-2019-9285 125 DoS 2019-09-27 2019-10-02
5.0
None Remote Low Not required None None Partial
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215315
1490 CVE-2019-9284 125 2019-09-27 2019-10-02
5.0
None Remote Low Not required Partial None None
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure, with no additional privileges required. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111850706
1491 CVE-2019-9283 20 DoS Exec Code 2019-09-27 2019-10-04
4.3
None Remote Medium Not required None None Partial
In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663564
1492 CVE-2019-9282 125 2019-09-27 2019-10-02
4.3
None Remote Medium Not required Partial None None
In skia, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113211371
1493 CVE-2019-9281 22 Dir. Trav. Bypass 2019-09-27 2019-10-02
5.0
None Remote Low Not required None Partial None
In GoogleContactsSyncAdapter, there is a possible path traversal due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-32748076
1494 CVE-2019-9280 Bypass 2019-09-27 2020-08-24
2.1
None Local Low Not required None Partial None
In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local bypass of the keyguard under limited circumstances, with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-119322269
1495 CVE-2019-9279 476 DoS 2019-09-27 2019-10-01
5.0
None Remote Low Not required None None Partial
In the wifi hotspot service, there is a possible denial of service due to a null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110476382
1496 CVE-2019-9278 787 Overflow 2019-09-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774
1497 CVE-2019-9277 532 2019-09-27 2019-10-02
2.1
None Local Low Not required Partial None None
In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to local disclosure of app and browser activity with User execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-68016944
1498 CVE-2019-9276 787 2019-09-06 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible out of bounds write due to a use after free. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
1499 CVE-2019-9275 416 2019-09-06 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
In the Android kernel in the mnh driver there is a use after free due to improper locking. This could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
1500 CVE-2019-9274 787 2019-09-06 2019-09-09
4.6
None Local Low Not required Partial Partial Partial
In the Android kernel in the mnh driver there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Total number of vulnerabilities : 3865   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 (This Page)31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.