Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7841 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-0699 | 1 Google | 1 Android | 2024-09-17 | N/A |
A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809. | ||||
CVE-2018-9458 | 1 Google | 1 Android | 2024-09-17 | N/A |
In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while the screen was locked with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-71786287. | ||||
CVE-2017-0827 | 1 Google | 1 Android | 2024-09-17 | N/A |
An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-ALPS03353867, M-ALPS03353872. | ||||
CVE-2019-1994 | 1 Google | 1 Android | 2024-09-17 | N/A |
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924. | ||||
CVE-2021-34425 | 5 Apple, Google, Linux and 2 more | 6 Iphone Os, Macos, Android and 3 more | 2024-09-17 | 4.7 Medium |
The Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows) contain a server side request forgery vulnerability in the chat\'s "link preview" functionality. In versions prior to 5.7.3, if a user were to enable the chat\'s "link preview" feature, a malicious actor could trick the user into potentially sending arbitrary HTTP GET requests to URLs that the actor cannot reach directly. | ||||
CVE-2017-14916 | 1 Google | 1 Android | 2024-09-17 | N/A |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated. | ||||
CVE-2017-0862 | 1 Google | 1 Android | 2024-09-17 | N/A |
An elevation of privilege vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-36006779. | ||||
CVE-2017-0687 | 1 Google | 1 Android | 2024-09-17 | N/A |
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35583675. | ||||
CVE-2018-9437 | 1 Google | 1 Android | 2024-09-17 | N/A |
In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78656554. | ||||
CVE-2017-14896 | 1 Google | 1 Android | 2024-09-17 | N/A |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory overwrite. | ||||
CVE-2018-5848 | 3 Debian, Google, Redhat | 8 Debian Linux, Android, Enterprise Linux and 5 more | 2024-09-17 | N/A |
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | ||||
CVE-2013-4669 | 5 Apple, Fortinet, Google and 2 more | 7 Mac Os X, Forticlient, Forticlient Lite and 4 more | 2024-09-17 | N/A |
FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and FortiClient SSL VPN before 4.0.2258 on Linux proceed with an SSL session after determining that the server's X.509 certificate is invalid, which allows man-in-the-middle attackers to obtain sensitive information by leveraging a password transmission that occurs before the user warning about the certificate problem. | ||||
CVE-2017-11048 | 1 Google | 1 Android | 2024-09-17 | N/A |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a display driver function, a Use After Free condition can occur. | ||||
CVE-2016-10231 | 1 Google | 1 Android | 2024-09-17 | N/A |
An elevation of privilege vulnerability in the Qualcomm sound codec driver. Product: Android. Versions: Android kernel. Android ID: A-33966912. References: QC-CR#1096799. | ||||
CVE-2017-13222 | 1 Google | 1 Android | 2024-09-17 | N/A |
An information disclosure vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-38159576. | ||||
CVE-2017-13158 | 1 Google | 1 Android | 2024-09-17 | N/A |
An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32879915. | ||||
CVE-2017-15842 | 1 Google | 1 Android | 2024-09-17 | N/A |
Buffer might get used after it gets freed due to unlocking the mutex before freeing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | ||||
CVE-2017-0751 | 1 Google | 1 Android | 2024-09-17 | N/A |
An elevation of privilege vulnerability in the Qualcomm QCE driver. Product: Android. Versions: Android kernel. Android ID: A-36591162. References: QC-CR#2045061. | ||||
CVE-2017-11022 | 1 Google | 1 Android | 2024-09-17 | N/A |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall impact the user's privacy if someone sniffs the probe requests originated by this DUT. Hence, control the presence of information elements using ini file. | ||||
CVE-2018-9498 | 1 Google | 1 Android | 2024-09-17 | N/A |
In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855 |