Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2019-09-05 CVE-2019-2115 Double Free vulnerability in Google Android
In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free.
local
low complexity
google CWE-415
7.8
7.8
2019-09-05 CVE-2019-2108 Out-of-bounds Write vulnerability in Google Android 10.0
In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2019-08-20 CVE-2019-2134 Integer Overflow or Wraparound vulnerability in Google Android
In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow.
local
low complexity
google CWE-190
7.8
7.8
2019-08-20 CVE-2019-2133 Out-of-bounds Write vulnerability in Google Android
In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2019-08-20 CVE-2019-2132 Unspecified vulnerability in Google Android
It is possible to overlay the VPN dialog by a malicious application.
local
low complexity
google
7.8
7.8
2019-08-20 CVE-2019-2131 Insecure Default Initialization of Resource vulnerability in Google Android
An application with overlay permission can display overlays on top of settings UI.
local
low complexity
google CWE-1188
7.8
7.8
2019-08-20 CVE-2019-2128 Out-of-bounds Write vulnerability in Google Android
In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2019-08-20 CVE-2019-2127 Use After Free vulnerability in Google Android
In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp, there is possible memory corruption due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2019-08-20 CVE-2019-2126 Double Free vulnerability in multiple products
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer.
network
low complexity
google fedoraproject canonical opensuse CWE-415
8.8
8.8
2019-08-20 CVE-2019-2125 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android
In ChangeDefaultDialerDialog.java, there is a possible escalation of privilege due to an overlay attack.
local
low complexity
google CWE-1021
7.3
7.3