Filtered by vendor Google
Subscriptions
Total
12097 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-0820 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187433. | ||||
| CVE-2015-8592 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption. | ||||
| CVE-2017-6424 | 1 Google | 1 Android | 2024-09-16 | N/A |
| An elevation of privilege vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-32086742. References: QC-CR#1102648. | ||||
| CVE-2017-0773 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37615911. | ||||
| CVE-2018-5836 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access. | ||||
| CVE-2017-9708 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a race condition can occur in variable "*reg_ptr" of sub function "msm_camera_config_single_vreg". | ||||
| CVE-2017-0825 | 1 Google | 1 Android | 2024-09-16 | N/A |
| An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002. | ||||
| CVE-2022-25635 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2024-09-16 | 6.5 Medium |
| Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service. | ||||
| CVE-2015-9066 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure. | ||||
| CVE-2017-15845 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation. | ||||
| CVE-2017-6247 | 1 Google | 1 Android | 2024-09-16 | N/A |
| An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of local arbitrary code execution in a privileged process in the kernel. Product: Android. Versions: N/A. Android ID: A-34386301. References: N-CVE-2017-6247. | ||||
| CVE-2022-0317 | 1 Google | 1 Go-attestation | 2024-09-16 | 4 Medium |
| An improper input validation vulnerability in go-attestation before 0.3.3 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inconsistency. Subsequent use of the same set of PCR values in Eventlog.Verify lacks the authentication performed by quote verification, meaning a local attacker could couple this vulnerability with a maliciously-crafted TCG log in Eventlog.Verify to spoof events in the TCG log, hence defeating remotely-attested measured-boot. We recommend upgrading to Version 0.4.0 or above. | ||||
| CVE-2018-5853 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A race condition exists in a driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-05-05 potentially leading to a use-after-free condition. | ||||
| CVE-2017-14890 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, the vdev_map value is not properly validated leading to a potential buffer overwrite in function wma_send_bcn_buf_ll(). | ||||
| CVE-2017-14906 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, PKCS7 padding is not supported by the crypto storage APIs. | ||||
| CVE-2017-11064 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36815952. References: QC-CR#2054770, QC-CR#2058447, QC-CR#2066628, QC-CR#2087785 | ||||
| CVE-2017-0693 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36993291. | ||||
| CVE-2018-5835 | 1 Google | 1 Android | 2024-09-16 | N/A |
| If the seq_len is greater then CSR_MAX_RSC_LEN, a buffer overflow in __wlan_hdd_cfg80211_add_key() may occur when copying keyRSC in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | ||||
| CVE-2017-0718 | 1 Google | 1 Android | 2024-09-16 | N/A |
| A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273547. | ||||
| CVE-2018-5899 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, whenever TDLS connection is setup, we are freeing the netbuf in ol_tx_completion_handler and after that, we are accessing it in NBUF_UPDATE_TX_PKT_COUNT causing a use after free. | ||||