» 2019 » 9월

CVE-2019-13517

Posted on 2019년 9월 6일2019년 9월 7일 by admin

CVE-2019-13517

In Pyxis ES Versions 1.3.4 through to 1.6.1 and Pyxis Enterprise Server, with Windows Server Versions 4.4 through 4.12, a vulnerability has been identified where existing access privileges are not restricted in coordination with the expiration of access based on active directory user account changes when the device is joined to an AD domain.

Source: CVE-2019-13517

CVE-2019-15846

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.

Source: CVE-2019-15846

CVE-2019-9254

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-9254

In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2019-9254

CVE-2019-2181

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-2181

In binder_transaction of binder.c in the Android kernel, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Source: CVE-2019-2181

CVE-2019-2180

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-2180

In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2019-2180

CVE-2019-2176

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-2176

In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Android 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Source: CVE-2019-2176

CVE-2019-2178

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-2178

In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC service with no additional execution privileges needed. User interaction is not needed for exploitation.

Source: CVE-2019-2178

CVE-2019-2175

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-2175

In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Source: CVE-2019-2175

CVE-2019-2177

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-2177

In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Source: CVE-2019-2177

CVE-2019-2179

Posted on 2019년 9월 6일2019년 9월 6일 by admin

CVE-2019-2179

In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Source: CVE-2019-2179