| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table. |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37094889. |
| In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. |
| In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP. |
| In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted. |
| A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36621442. |
| A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532. |
| A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36998372. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. |
| In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. |
| A elevation of privilege vulnerability in the Upstream Linux linux kernel. Product: Android. Versions: Android kernel. Android ID: A-36007735. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE. |
| A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744. |
| A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page. |
| Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution. |
| An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62688399. |
| A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296. |
