Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-19 CVE-2018-9412 Unspecified vulnerability in Google Android
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation.
local
low complexity
google
5.5
5.5
2024-11-19 CVE-2018-9417 Use After Free vulnerability in Google Android
In f_hidg_read and hidg_disable of f_hid.c, there is a possible use-after-free due to improper locking.
local
low complexity
google CWE-416
7.8
7.8
2024-11-19 CVE-2018-9419 Out-of-bounds Read vulnerability in Google Android
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2024-11-19 CVE-2018-9420 Use of Uninitialized Resource vulnerability in Google Android
In BnCameraService::onTransact of CameraService.cpp, there is a possible information disclosure due to uninitialized data.
local
low complexity
google CWE-908
5.5
5.5
2024-11-19 CVE-2018-9421 Use of Uninitialized Resource vulnerability in Google Android
In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, due to uninitialized data.
local
low complexity
google CWE-908
5.5
5.5
2024-11-19 CVE-2018-9424 Out-of-bounds Write vulnerability in Google Android 8.0/8.1
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2024-11-19 CVE-2018-9428 Use After Free vulnerability in Google Android 8.1
In startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2024-11-19 CVE-2018-9432 Unspecified vulnerability in Google Android
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass.
local
low complexity
google
7.8
7.8
2024-11-19 CVE-2018-9433 Unspecified vulnerability in Google Android
In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation.
network
low complexity
google
8.8
8.8
2024-11-19 CVE-2023-27609 Cross-site Scripting vulnerability in Hyscaler WP Roles AT Registration
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration allows Stored XSS.This issue affects WP Roles at Registration: from n/a through 0.23.
network
low complexity
hyscaler CWE-79
4.8
4.8