Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7841 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-11075 | 1 Google | 1 Android | 2024-09-16 | N/A |
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmd_pkt and reg_pkt are called from different userspace threads, a use after free condition can potentially occur in wdsp_glink_write(). | ||||
CVE-2017-9682 | 1 Google | 1 Android | 2024-09-16 | N/A |
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition. | ||||
CVE-2017-0735 | 1 Google | 1 Android | 2024-09-16 | N/A |
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864. | ||||
CVE-2015-9037 | 1 Google | 1 Android | 2024-09-16 | N/A |
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message. | ||||
CVE-2018-6241 | 1 Google | 1 Android | 2024-09-16 | N/A |
NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High Version: N/A. | ||||
CVE-2018-5854 | 1 Google | 1 Android | 2024-09-16 | N/A |
A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | ||||
CVE-2017-13192 | 1 Google | 1 Android | 2024-09-16 | N/A |
In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380202. | ||||
CVE-2017-9678 | 1 Google | 1 Android | 2024-09-16 | N/A |
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy(). | ||||
CVE-2017-17860 | 2 Google, Samsung | 3 Android, Gear S2, Gear S3 | 2024-09-16 | N/A |
In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone | ||||
CVE-2017-0729 | 1 Google | 1 Android | 2024-09-16 | N/A |
A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37710346. | ||||
CVE-2012-1404 | 2 Dolphin-browser, Google | 2 Dolphin Browser Mini, Android | 2024-09-16 | N/A |
Unspecified vulnerability in the Dolphin Browser Mini (com.dolphin.browser) application 2.2 for Android has unknown impact and attack vectors. | ||||
CVE-2018-5865 | 1 Google | 1 Android | 2024-09-16 | N/A |
While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur. | ||||
CVE-2017-13150 | 1 Google | 1 Android | 2024-09-16 | N/A |
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132. | ||||
CVE-2017-3748 | 2 Google, Lenovo | 21 Android, Vibe A1600, Vibe A2560 and 18 more | 2024-09-16 | N/A |
On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device). | ||||
CVE-2017-13211 | 1 Google | 1 Android | 2024-09-16 | N/A |
In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0. Android ID: A-65174158. | ||||
CVE-2017-13281 | 1 Google | 1 Android | 2024-09-16 | N/A |
In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-71603262. | ||||
CVE-2017-13225 | 1 Google | 1 Android | 2024-09-16 | N/A |
In libMtkOmxVdec.so there is a possible heap buffer overflow. This could lead to a remote elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38308024. References: M-ALPS03495789. | ||||
CVE-2011-2344 | 1 Google | 1 Android | 2024-09-16 | N/A |
Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote attackers to gain privileges and access private pictures and web albums by sniffing the token from connections with picasaweb.google.com. | ||||
CVE-2017-0880 | 1 Google | 1 Android | 2024-09-16 | N/A |
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID A-65646012. | ||||
CVE-2017-6296 | 2 Google, Nvidia | 3 Android, Shield Tv, Shield Tv Firmware | 2024-09-16 | N/A |
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. This issue is rated as moderate. |