Information Technology Laboratory
National Vulnerability Database
National Vulnerability Database
NVD
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-9420 |
In libhevc, there is a possible out of bounds read due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111272481 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9419 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111407544 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9418 |
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450210 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 7.1 HIGH |
| CVE-2019-9417 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450079 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
| CVE-2019-9416 |
In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111804142 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9415 |
In libstagefright there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111805098 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9414 |
In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9413 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111935831 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9412 |
In libSBRdec there is a possible out of bounds read due to incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112006096 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9411 |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204845 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9410 |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204443 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9409 |
In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112272091 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9408 |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112380157 Published: September 27, 2019; 3:15:27 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9407 |
In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112434609 Published: September 27, 2019; 3:15:26 PM -0400 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2019-9406 |
In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552517 Published: September 27, 2019; 3:15:26 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9405 |
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890225 Published: September 27, 2019; 3:15:26 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2019-9404 |
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112923309 Published: September 27, 2019; 3:15:26 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9403 |
In cn-cbor, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113512324 Published: September 27, 2019; 3:15:26 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9402 |
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115372550 Published: September 27, 2019; 3:15:26 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9401 |
In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115375248 Published: September 27, 2019; 3:15:26 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |