173 matches found
Out-of-bounds
In libstagefright, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-124253062...
Out-of-bounds
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114735603...
CVE-2018-9541
In avrcparsvendorrsp of avcrparsct.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
CVE-2018-9516
In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android...
CVE-2017-0870
An elevation of privilege vulnerability in the Android framework libminikin. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807...
Google Android Mediaserver elevation of privilege vulnerability (CNVD-2016-07463)
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. An elevation of privilege vulnerability exists in Google Android Mediaserver, which can be exploited by an attacker to gain elevated privileges...
CVE-2016-3861
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2016-0823
The pagemapopen function in fs/proc/taskmmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721...
Android Open Source Platform (AOSP) Browser UXSS
This module exploits a Universal Cross-Site Scripting UXSS vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on 'Android Open Source Platform AOSP Browser UXSS', 'Description' = %q This module exploits a Universal Cross-Site Scriptin...
Information disclosure
The COBIME application before 0.9.4 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem...
CVE-2012-1394
Unspecified vulnerability in the GO Email Widget com.gau.go.launcherex.gowidget.emailwidget application 1.3.1, 1.8, and 1.81 for Android has unknown impact and attack vectors...
Design/Logic Flaw
Unspecified vulnerability in the GO Note Widget com.gau.go.launcherex.gowidget.notewidget application 1.5 and 1.9 for Android has unknown impact and attack vectors...
CVE-2021-0044
...