Filtered by vendor Google
Subscribe
Search
Total
9554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-2156 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552816 | |||||
| CVE-2019-2157 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112611363 | |||||
| CVE-2019-2158 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118766492 | |||||
| CVE-2019-9385 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120452956 | |||||
| CVE-2019-9403 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In cn-cbor, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113512324 | |||||
| CVE-2019-9412 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libSBRdec there is a possible out of bounds read due to incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112006096 | |||||
| CVE-2019-9327 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112050583 | |||||
| CVE-2019-9341 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214770 | |||||
| CVE-2019-9342 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214470 | |||||
| CVE-2019-9343 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112050983 | |||||
| CVE-2019-9346 | 1 Google | 1 Android | 2019-09-30 | 6.8 MEDIUM | 8.8 HIGH |
| In libstagefright, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128433933 | |||||
| CVE-2019-9348 | 1 Google | 1 Android | 2019-09-30 | 7.1 HIGH | 6.5 MEDIUM |
| In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128431761 | |||||
| CVE-2019-9353 | 1 Google | 1 Android | 2019-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123024201 | |||||
| CVE-2019-9355 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115903122 | |||||
| CVE-2019-9367 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112106425 | |||||
| CVE-2019-9368 | 1 Google | 1 Android | 2019-09-30 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79883568 | |||||
| CVE-2019-9387 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117569833 | |||||
| CVE-2019-9388 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117567437 | |||||
| CVE-2019-9389 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117567058 | |||||
| CVE-2019-9390 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117551475 | |||||
| CVE-2019-9413 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111935831 | |||||
| CVE-2019-9417 | 1 Google | 1 Android | 2019-09-30 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450079 | |||||
| CVE-2019-9419 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111407544 | |||||
| CVE-2019-9422 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214766 | |||||
| CVE-2019-9425 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110846194 | |||||
| CVE-2019-9431 | 1 Google | 1 Android | 2019-09-30 | 4.0 MEDIUM | 4.9 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109755179 | |||||
| CVE-2019-9434 | 1 Google | 1 Android | 2019-09-30 | 4.0 MEDIUM | 4.9 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80432895 | |||||
| CVE-2019-9435 | 1 Google | 1 Android | 2019-09-30 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80146682 | |||||
| CVE-2019-9462 | 1 Google | 1 Android | 2019-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-91544774 | |||||
| CVE-2012-5376 | 1 Google | 1 Chrome | 2019-09-27 | 9.3 HIGH | 9.6 CRITICAL |
| The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112. | |||||
| CVE-2016-1645 | 3 Debian, Google, Opensuse | 5 Debian Linux, Chrome, Leap and 2 more | 2019-09-27 | 9.3 HIGH | 8.8 HIGH |
| Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. | |||||
| CVE-2009-1690 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2019-09-26 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." | |||||
| CVE-2010-1029 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2019-09-26 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences. | |||||
| CVE-2019-9456 | 1 Google | 1 Android | 2019-09-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-2102 | 1 Google | 1 Android | 2019-09-12 | 8.3 HIGH | 8.8 HIGH |
| In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128843052. | |||||
| CVE-2019-9451 | 1 Google | 1 Android | 2019-09-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in the touchscreen driver there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9245 | 1 Google | 1 Android | 2019-09-09 | 2.1 LOW | 4.4 MEDIUM |
| In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9452 | 1 Google | 1 Android | 2019-09-09 | 2.1 LOW | 4.4 MEDIUM |
| In the Android kernel in SEC_TS touch driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9454 | 1 Google | 1 Android | 2019-09-09 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9248 | 1 Google | 1 Android | 2019-09-09 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9271 | 1 Google | 1 Android | 2019-09-09 | 4.4 MEDIUM | 6.4 MEDIUM |
| In the Android kernel in the mnh driver there is a race condition due to insufficient locking. This could lead to a use-after-free which could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9426 | 1 Google | 1 Android | 2019-09-09 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in Bluetooth there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9270 | 1 Google | 1 Android | 2019-09-09 | 4.6 MEDIUM | 7.8 HIGH |
| In the Android kernel in unifi and r8180 WiFi drivers there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9274 | 1 Google | 1 Android | 2019-09-09 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in the mnh driver there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9444 | 1 Google | 1 Android | 2019-09-09 | 2.1 LOW | 4.4 MEDIUM |
| In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9448 | 1 Google | 1 Android | 2019-09-09 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9449 | 1 Google | 1 Android | 2019-09-09 | 2.1 LOW | 4.4 MEDIUM |
| In the Android kernel in FingerTipS touchscreen driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-2103 | 1 Google | 1 Android | 2019-09-06 | 2.1 LOW | 5.5 MEDIUM |
| In Google Assistant in Android 9, there is a possible permissions bypass that allows the Assistant to take a screenshot of apps with FLAG_SECURE. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-2108 | 1 Google | 1 Android | 2019-09-06 | 9.3 HIGH | 7.8 HIGH |
| In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2019-2176 | 1 Google | 1 Android | 2019-09-06 | 9.3 HIGH | 7.8 HIGH |
| In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Android 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. | |||||