| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
5351 |
CVE-2019-2241 |
20 |
|
|
2019-07-25 |
2019-07-26 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
While rendering the layout background, Error status check is not caught properly and also incorrect status handling is being done leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX24, SXR1130 |
|
5352 |
CVE-2019-2240 |
388 |
|
|
2019-07-25 |
2019-07-26 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9531, QCA9880, QCA9886, QCA9980, QCN5502, QCS404, QCS605, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130 |
|
5353 |
CVE-2019-2239 |
20 |
|
DoS |
2019-07-25 |
2019-07-26 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Sanity checks are missing in layout which can lead to SUI Corruption or can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016, SXR1130 |
|
5354 |
CVE-2019-2238 |
125 |
|
|
2019-07-25 |
2019-07-26 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Lack of check of data type can lead to subsequent loop-expression potentially go negative and the condition will still evaluate to true leading to buffer underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 8CX, SXR1130 |
|
5355 |
CVE-2019-2237 |
388 |
|
|
2019-07-25 |
2019-07-26 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Failure in taking appropriate action to handle the error case If keypad gpio deactivation fails leads to silent failure scenario and subsequent logic gets executed everytime in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 8CX, SXR1130 |
|
5356 |
CVE-2019-2236 |
476 |
|
|
2019-07-25 |
2019-07-26 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 |
|
5357 |
CVE-2019-2235 |
119 |
|
Overflow |
2019-07-25 |
2019-07-29 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow occurs when emulated RPMB is used due to sector size assumptions in the TA rollback protection logic. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 |
|
5358 |
CVE-2019-2191 |
200 |
|
+Info |
2019-09-27 |
2019-10-04 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-68770980 |
|
5359 |
CVE-2019-2190 |
200 |
|
+Info |
2019-09-27 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-68771598 |
|
5360 |
CVE-2019-2189 |
362 |
|
Mem. Corr. |
2019-09-27 |
2019-10-04 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112312381 |
|
5361 |
CVE-2019-2188 |
362 |
|
Mem. Corr. |
2019-09-27 |
2019-10-04 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112309571 |
|
5362 |
CVE-2019-2182 |
264 |
|
Exec Code |
2019-09-06 |
2019-09-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In the Android kernel in the kernel MMU code there is a possible execution path leaving some kernel text and rodata pages writable. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
|
5363 |
CVE-2019-2181 |
190 |
|
Overflow |
2019-09-05 |
2019-09-06 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In binder_transaction of binder.c in the Android kernel, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |
|
5364 |
CVE-2019-2180 |
20 |
|
|
2019-09-05 |
2019-09-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation. |
|
5365 |
CVE-2019-2179 |
190 |
|
Overflow |
2019-09-05 |
2019-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. |
|
5366 |
CVE-2019-2177 |
275 |
|
Exec Code Bypass |
2019-09-05 |
2019-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. |
|
5367 |
CVE-2019-2175 |
275 |
|
Bypass |
2019-09-05 |
2019-09-06 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. |
|
5368 |
CVE-2019-2172 |
1187 |
|
|
2019-09-27 |
2019-10-01 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113035224 |
|
5369 |
CVE-2019-2171 |
665 |
|
|
2019-09-27 |
2019-09-27 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113035086 |
|
5370 |
CVE-2019-2170 |
665 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615735 |
|
5371 |
CVE-2019-2169 |
665 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492282 |
|
5372 |
CVE-2019-2168 |
665 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492594 |
|
5373 |
CVE-2019-2167 |
665 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118615501 |
|
5374 |
CVE-2019-2166 |
665 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661478 |
|
5375 |
CVE-2019-2165 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112712154 |
|
5376 |
CVE-2019-2164 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113263695 |
|
5377 |
CVE-2019-2163 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118138797 |
|
5378 |
CVE-2019-2162 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112713720 |
|
5379 |
CVE-2019-2161 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112553431 |
|
5380 |
CVE-2019-2160 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112715795 |
|
5381 |
CVE-2019-2159 |
787 |
|
Exec Code |
2019-09-27 |
2019-09-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112707186 |
|
5382 |
CVE-2019-2158 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118766492 |
|
5383 |
CVE-2019-2157 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112611363 |
|
5384 |
CVE-2019-2156 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112552816 |
|
5385 |
CVE-2019-2155 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117655547 |
|
5386 |
CVE-2019-2154 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117610057 |
|
5387 |
CVE-2019-2153 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112611181 |
|
5388 |
CVE-2019-2152 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118145923 |
|
5389 |
CVE-2019-2151 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117495174 |
|
5390 |
CVE-2019-2150 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117935831 |
|
5391 |
CVE-2019-2149 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113262406 |
|
5392 |
CVE-2019-2148 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113508105 |
|
5393 |
CVE-2019-2147 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116474108 |
|
5394 |
CVE-2019-2146 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112859714 |
|
5395 |
CVE-2019-2145 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112858430 |
|
5396 |
CVE-2019-2144 |
125 |
|
|
2019-09-27 |
2019-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112856493 |
|
5397 |
CVE-2019-2143 |
125 |
|
|
2019-09-27 |
2019-10-01 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114746174 |
|
5398 |
CVE-2019-2142 |
125 |
|
|
2019-09-27 |
2019-10-01 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112768568 |
|
5399 |
CVE-2019-2141 |
787 |
|
Exec Code |
2019-09-27 |
2019-10-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112705155 |
|
5400 |
CVE-2019-2140 |
1187 |
|
|
2019-09-27 |
2019-10-01 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In libxaac, there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112705708 |
