Information Technology Laboratory
National Vulnerability Database
National Vulnerability Database
NVD
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-9358 |
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120156401 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 7.3 HIGH V2.0: 4.4 MEDIUM |
| CVE-2019-9357 |
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112662995 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2019-9356 |
In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111699773 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 5.0 MEDIUM V2.0: 1.9 LOW |
| CVE-2019-9355 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115903122 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9354 |
In NFC server, there's a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118148142 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9353 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-123024201 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9352 |
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124253062 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9351 |
In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to local limited information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128599864 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 3.3 LOW V2.0: 2.1 LOW |
| CVE-2019-9350 |
In Keymaster, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129562815 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2019-9349 |
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124330204 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 7.1 HIGH |
| CVE-2019-9348 |
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128431761 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 7.1 HIGH |
| CVE-2019-9347 |
In the m4v_h263 codec, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109891727 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
| CVE-2019-9346 |
In libstagefright, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128433933 Published: September 27, 2019; 3:15:23 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2019-9344 |
In NFC server, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120845341 Published: September 27, 2019; 3:15:22 PM -0400 |
V3.1: 5.0 MEDIUM V2.0: 1.9 LOW |
| CVE-2019-9343 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112050983 Published: September 27, 2019; 3:15:22 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9342 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214470 Published: September 27, 2019; 3:15:22 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9341 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214770 Published: September 27, 2019; 3:15:22 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
| CVE-2019-9338 |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686 Published: September 27, 2019; 3:15:22 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9337 |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376 Published: September 27, 2019; 3:15:22 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2019-9336 |
In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112326322 Published: September 27, 2019; 3:15:22 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |