| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-9461 |
200 |
|
+Info |
2019-09-06 |
2019-09-09 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
In the Android kernel in VPN routing there is a possible information disclosure. This could lead to remote information disclosure by an adjacent network attacker with no additional execution privileges needed. User interaction is not needed for exploitation. |
|
2 |
CVE-2019-9459 |
120 |
|
Overflow |
2019-09-27 |
2019-09-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In libttspico, there is a possible OOB write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79593569 |
|
3 |
CVE-2019-9418 |
400 |
|
DoS |
2019-09-27 |
2019-09-30 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111450210 |
|
4 |
CVE-2019-9384 |
732 |
|
Bypass |
2019-09-27 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In LockPatternUtils, there is a possible escalation of privilege due to an improper permissions check. This could lead to local bypass of the Lockguard with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120568007 |
|
5 |
CVE-2019-9379 |
400 |
|
DoS |
2019-09-27 |
2019-09-30 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124329638 |
|
6 |
CVE-2019-9372 |
20 |
|
DoS |
2019-09-27 |
2019-09-30 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libskia, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132782448 |
|
7 |
CVE-2019-9371 |
20 |
|
DoS |
2019-09-27 |
2019-09-30 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254 |
|
8 |
CVE-2019-9365 |
20 |
|
Exec Code |
2019-09-27 |
2019-09-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Bluetooth, there is a possible deserialization error due to missing string validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109838537 |
|
9 |
CVE-2019-9349 |
400 |
|
DoS |
2019-09-27 |
2019-10-01 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124330204 |
|
10 |
CVE-2019-9348 |
20 |
|
DoS |
2019-09-27 |
2019-09-30 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-128431761 |
|
11 |
CVE-2019-9345 |
264 |
|
|
2019-09-06 |
2019-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In the Android kernel in sdcardfs there is a possible violation of the separation of data between profiles due to shared mapping of obb files. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. |
|
12 |
CVE-2019-9301 |
190 |
|
Exec Code Overflow |
2019-09-27 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663384 |
|
13 |
CVE-2019-9275 |
416 |
|
|
2019-09-06 |
2019-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In the Android kernel in the mnh driver there is a use after free due to improper locking. This could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
|
14 |
CVE-2019-9266 |
787 |
|
|
2019-09-27 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In sensorservice, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-119501435 |
|
15 |
CVE-2019-9259 |
787 |
|
|
2019-09-27 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113575306 |
|
16 |
CVE-2019-9254 |
20 |
|
Exec Code |
2019-09-05 |
2019-09-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
|
17 |
CVE-2019-5037 |
190 |
|
DoS Overflow |
2019-08-20 |
2019-08-26 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
An exploitable denial-of-service vulnerability exists in the Weave certificate loading functionality of Nest Cam IQ Indoor camera, version 4620002. A specially crafted weave packet can cause an integer overflow and an out-of-bounds read on unmapped memory to occur, resulting in a denial of service. An attacker can send a specially crafted packet to trigger. |
|
18 |
CVE-2019-5036 |
284 |
|
DoS |
2019-08-20 |
2019-08-27 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially crafted packet to trigger this vulnerability. |
|
19 |
CVE-2019-2178 |
787 |
|
|
2019-09-05 |
2019-09-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC service with no additional execution privileges needed. User interaction is not needed for exploitation. |
|
20 |
CVE-2019-2174 |
416 |
|
|
2019-09-05 |
2019-09-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
|
21 |
CVE-2019-2135 |
125 |
|
|
2019-08-20 |
2019-08-26 |
7.1 |
None |
Remote |
Medium |
Not required |
Complete |
None |
None |
|
In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-125900276. |
|
22 |
CVE-2019-2128 |
264 |
|
|
2019-08-20 |
2019-08-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132647222. |
|
23 |
CVE-2019-2127 |
416 |
|
Mem. Corr. |
2019-08-20 |
2019-08-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-124899895. |
|
24 |
CVE-2019-2120 |
264 |
|
|
2019-08-20 |
2019-08-26 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there is a possible file corruption issue due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130821293. |
|
25 |
CVE-2019-2115 |
415 |
|
Mem. Corr. |
2019-09-05 |
2019-09-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |
|
26 |
CVE-2019-2112 |
416 |
|
Exec Code Mem. Corr. |
2019-07-08 |
2019-07-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In several functions of alarm.cc, there is possible memory corruption due to a use after free. This could lead to local code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117997080. |
|
27 |
CVE-2019-2111 |
416 |
|
Exec Code Mem. Corr. |
2019-07-08 |
2019-07-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122856181. |
|
28 |
CVE-2019-2098 |
264 |
|
Bypass |
2019-06-07 |
2019-06-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In areNotificationsEnabledForPackage of NotificationManagerService.java, there is a possible permissions bypass due to a missing permissions check. This could lead to local escalation of privilege, with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128599467. |
|
29 |
CVE-2019-2096 |
415 |
|
Mem. Corr. |
2019-06-07 |
2019-06-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In EffectRelease of EffectBundle.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-123237974. |
|
30 |
CVE-2019-2095 |
362 |
|
Exec Code |
2019-06-07 |
2019-06-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
In callGenIDChangeListeners and related functions of SkPixelRef.cpp, there is a possible use after free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-124232283. |
|
31 |
CVE-2019-2092 |
264 |
|
Bypass |
2019-06-07 |
2019-06-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In isSeparateProfileChallengeAllowed of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128599668. |
|
32 |
CVE-2019-2091 |
264 |
|
Bypass |
2019-06-07 |
2019-06-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In GetPermittedAccessibilityServicesForUser of DevicePolicyManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege, with no additional permissions required. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1. Android ID: A-128599660. |
|
33 |
CVE-2019-2052 |
125 |
|
|
2019-05-08 |
2019-05-08 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.1 Android-9 Android ID: A-117556606 |
|
34 |
CVE-2019-2051 |
125 |
|
|
2019-05-08 |
2019-05-09 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-117555811 |
|
35 |
CVE-2019-2050 |
416 |
|
|
2019-05-08 |
2019-05-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9 Android ID: A-121327323 |
|
36 |
CVE-2019-2049 |
416 |
|
Mem. Corr. |
2019-05-08 |
2019-05-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9 Android ID: A-120445479 |
|
37 |
CVE-2019-2030 |
416 |
|
Exec Code |
2019-04-19 |
2019-04-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-119496789. |
|
38 |
CVE-2019-2025 |
416 |
|
|
2019-06-19 |
2019-06-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel |
|
39 |
CVE-2019-2024 |
416 |
|
|
2019-06-19 |
2019-08-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111761954References: Upstream kernel |
|
40 |
CVE-2019-2023 |
264 |
|
Exec Code +Priv |
2019-06-19 |
2019-06-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-121035042Upstream kernel |
|
41 |
CVE-2019-2022 |
125 |
|
|
2019-06-19 |
2019-06-20 |
7.1 |
None |
Remote |
Medium |
Not required |
Complete |
None |
None |
|
In rw_t3t_act_handle_fmt_rsp and rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120506143 |
|
42 |
CVE-2019-2021 |
125 |
|
|
2019-06-19 |
2019-06-20 |
7.1 |
None |
Remote |
Medium |
Not required |
Complete |
None |
None |
|
In rw_t3t_act_handle_ndef_detect_rsp of rw_t3t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120428041 |
|
43 |
CVE-2019-2020 |
125 |
|
|
2019-06-19 |
2019-06-20 |
7.1 |
None |
Remote |
Medium |
Not required |
Complete |
None |
None |
|
In llcp_dlc_proc_rr_rnr_pdu of llcp_dlc.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-116788646 |
|
44 |
CVE-2019-2019 |
125 |
|
|
2019-06-19 |
2019-06-21 |
7.1 |
None |
Remote |
Medium |
Not required |
Complete |
None |
None |
|
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-115635871 |
|
45 |
CVE-2019-2017 |
787 |
|
|
2019-06-19 |
2019-06-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-121035711 |
|
46 |
CVE-2019-2011 |
787 |
|
|
2019-06-19 |
2019-06-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In readNullableNativeHandleNoDup of Parcel.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-120084106 |
|
47 |
CVE-2019-2010 |
787 |
|
|
2019-06-19 |
2019-06-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-118152591 |
|
48 |
CVE-2019-2008 |
362 |
|
Mem. Corr. |
2019-06-19 |
2019-06-20 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
In createEffect of AudioFlinger.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-122309228 |
|
49 |
CVE-2019-1999 |
415 |
|
|
2019-02-28 |
2019-05-14 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196. |
|
50 |
CVE-2019-1985 |
264 |
|
Bypass |
2019-06-19 |
2019-06-20 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In findAvailSpellCheckerLocked of TextServicesManagerService.java, there is a possible way to bypass the warning dialog when selecting an untrusted spell checker due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0Android ID: A-118694079 |
