Filtered by vendor Google
Subscriptions
Total
12084 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-0706 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532. | ||||
| CVE-2017-13149 | 1 Google | 1 Android | 2024-09-16 | N/A |
| An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872. | ||||
| CVE-2018-12440 | 1 Google | 1 Boringssl | 2024-09-16 | N/A |
| BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a DSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | ||||
| CVE-2017-13170 | 1 Google | 1 Android | 2024-09-16 | N/A |
| An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280. | ||||
| CVE-2017-13285 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177126. | ||||
| CVE-2018-5845 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A race condition in drm_atomic_nonblocking_commit() in the display driver can potentially lead to a Use After Free scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | ||||
| CVE-2018-5383 | 3 Apple, Google, Redhat | 4 Iphone Os, Mac Os X, Android and 1 more | 2024-09-16 | N/A |
| Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. | ||||
| CVE-2017-13294 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A information disclosure vulnerability in the Android framework (aosp email application). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71814449. | ||||
| CVE-2017-13239 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132. | ||||
| CVE-2017-13236 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-68217699. | ||||
| CVE-2018-5863 | 1 Google | 1 Android | 2024-09-16 | N/A |
| If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | ||||
| CVE-2017-13216 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-66954097. | ||||
| CVE-2015-9054 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding. | ||||
| CVE-2017-0787 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722970. References: B-V2017053104. | ||||
| CVE-2017-0874 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63315932. | ||||
| CVE-2017-13198 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68399117. | ||||
| CVE-2022-26528 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2024-09-16 | 6.5 Medium |
| Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. | ||||
| CVE-2017-14905 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. | ||||
| CVE-2012-1474 | 2 Google, Sdo | 2 Android, Youni Sms | 2024-09-16 | N/A |
| Unspecified vulnerability in the Youni SMS (com.snda.youni) application 2.1.0c and 2.1.0d for Android has unknown impact and attack vectors. | ||||
| CVE-2018-3598 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, insufficient validation of parameters from userspace in the camera driver can lead to information leak and out-of-bounds access. | ||||