High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-20	CVE-2019-2128	Out-of-bounds Write vulnerability in Google Android In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due to a missing bounds check. local low complexity google CWE-787	7.8
2019-08-20	CVE-2019-2127	Use After Free vulnerability in Google Android In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp, there is possible memory corruption due to a use after free. local low complexity google CWE-416	7.8
2019-08-20	CVE-2019-2126	Double Free vulnerability in multiple products In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. network low complexity google fedoraproject canonical opensuse CWE-415	8.8
2019-08-20	CVE-2019-2125	Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In ChangeDefaultDialerDialog.java, there is a possible escalation of privilege due to an overlay attack. local low complexity google CWE-1021	7.3
2019-08-20	CVE-2019-2122	Permissions, Privileges, and Access Controls vulnerability in Google Android In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.java, there was a difference in the handling of the default case between the WindowManager and the Settings. local low complexity google CWE-264	7.3
2019-08-20	CVE-2019-2121	Race Condition vulnerability in Google Android 9.0 In ActivityManagerService.attachApplication of ActivityManagerService, there is a possible race condition. local high complexity google CWE-362	7.0
2019-08-20	CVE-2019-2120	Insecure Default Initialization of Resource vulnerability in Google Android In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there is a possible file corruption issue due to an insecure default value. local low complexity google CWE-1188	7.8
2019-08-14	CVE-2019-9506	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. low complexity google apple canonical debian opensuse redhat huawei CWE-327	8.1
2019-08-05	CVE-2019-3800	Information Exposure vulnerability in multiple products CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. local low complexity pivotal apigee newrelic microsoft appdynamics bluemedora contrastsecurity cyberark datadoghq datastax dynatrace forgerock google ibm pagerduty riverbed signalsciences wavefront tibco solace snyk samba splunk sumologic synopsys yugabyte anynines CWE-200	7.8
2019-07-08	CVE-2019-2116	Out-of-bounds Read vulnerability in Google Android In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound read due to a missing bounds check. network low complexity google CWE-125	7.5