CVE-2019-9434

CVE-2019-9434

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with heap information written to the log with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80432895

Source: CVE-2019-9434

CVE-2019-9438

CVE-2019-9438

In the Package Manager service, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of information about installed packages for other users with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-77821568

Source: CVE-2019-9438

CVE-2019-9463

CVE-2019-9463

In Platform, there is a possible bypass of user interaction requirements due to background app interception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113584607

Source: CVE-2019-9463

CVE-2019-9460

CVE-2019-9460

In mediaserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-62535446

Source: CVE-2019-9460

CVE-2019-9440

CVE-2019-9440

In AOSP Email, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure of the Email app’s protected files with User execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-37637796

Source: CVE-2019-9440