CVE-2019-2190

MEDIUM Year: 2019
CVSS v3 Score
4.3
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-119
View all →

Vulnerability Description

In LG's LAF component, there is a possible leak of information in a protected disk partition due to a missing bounds check. This could lead to local information disclosure via USB with User execution privileges needed. User interaction is not required for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-68771598

Related Vulnerabilities

CVE-2015-7115

MEDIUM
CVSS:4.3(Medium)

libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML doc...

CWE-1192015

CVE-2015-7116

MEDIUM
CVSS:4.3(Medium)

libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML doc...

CWE-1192015

CVE-2016-1626

MEDIUM
CVSS:4.3(Medium)

The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a ...

CWE-1192016

CVE-2016-1957

MEDIUM
CVSS:4.3(Medium)

Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers...

CWE-1192016

CVE-2016-5400

MEDIUM
CVSS:4.3(Medium)

Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumptio...

CWE-1192016

CVE-2016-8030

MEDIUM
CVSS:4.3(Medium)

A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer ...

CWE-1192016