Lucene search
+L
AndroidMost viewed

612 matches found

android
android
•added 2017/05/01 12:0 a.m.•29 views

CVE-2014-9925

In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...

9.3CVSS7.6AI score0.0046EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•29 views

CVE-2017-0471

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...

9.3CVSS8.8AI score0.01422EPSS
Exploits0References4Affected Software1
android
android
•added 2017/02/01 12:0 a.m.•29 views

CVE-2017-0406

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...

9.3CVSS7.8AI score0.01856EPSS
Exploits0References5Affected Software1
android
android
•added 2017/01/01 12:0 a.m.•29 views

CVE-2016-8428

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01619EPSS
Exploits0References3
android
android
•added 2016/12/01 12:0 a.m.•29 views

CVE-2016-6915

Stack-based buffer overflow in nvhostjob.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5...

7.2CVSS6.3AI score0.00447EPSS
Exploits0References2
android
android
•added 2016/08/01 12:0 a.m.•29 views

CVE-2016-3842

The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974...

9.3CVSS9AI score0.00411EPSS
Exploits0References2
android
android
•added 2016/04/02 12:0 a.m.•29 views

CVE-2016-0841

media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mishandles cleared service binders, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

10CVSS9AI score0.0206EPSS
Exploits0References3Affected Software1
android
android
•added 2019/04/01 12:0 a.m.•28 views

CVE-2019-2028

In numerous hand-crafted functions in libmpeg2, NEON registers are not preserved. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0...

9.3CVSS7AI score0.01153EPSS
Exploits0References4Affected Software1
android
android
•added 2018/11/01 12:0 a.m.•28 views

CVE-2018-9537

In CAacDecoderDecodeFrame of aacdecode.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

9.3CVSS7.5AI score0.01539EPSS
Exploits0References3Affected Software1
android
android
•added 2018/06/01 12:0 a.m.•28 views

CVE-2018-3569

A buffer over-read can occur during a fast initial link setup FILS connection in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05...

7.2CVSS3.7AI score0.00199EPSS
Exploits0References3
android
android
•added 2018/06/01 12:0 a.m.•28 views

CVE-2018-9357

In BNEPWrite of bnepapi.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1...

7.2CVSS5.8AI score0.00208EPSS
Exploits0References4Affected Software1
android
android
•added 2018/05/01 12:0 a.m.•28 views

CVE-2018-3580

Stack-based buffer overflow can occur In the WLAN driver if the pmkidcount value is larger than the PMKIDCache size in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...

9.3CVSS5.8AI score0.00386EPSS
Exploits0References3
android
android
•added 2018/04/01 12:0 a.m.•28 views

CVE-2017-13282

In avrcctrlparsvendorrsp of avrcparsct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1,...

10CVSS7.4AI score0.01725EPSS
Exploits0References4Affected Software1
android
android
•added 2018/03/01 12:0 a.m.•28 views

CVE-2017-13272

In alarmreadygeneric of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0,...

10CVSS6.1AI score0.0188EPSS
Exploits0References5Affected Software1
android
android
•added 2018/01/01 12:0 a.m.•28 views

CVE-2017-13179

In the ihevcdallocatestaticbufs and ihevcdcreate functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both pscodecobj and pscreateop-sivdcreateopt.pvhandle point to the same memory and pscodecobj could be freed without clearing pscreateop-sivdcreateopt.pvhandle...

10CVSS6.7AI score0.02352EPSS
Exploits0References4Affected Software1
android
android
•added 2017/11/01 12:0 a.m.•28 views

CVE-2017-0836

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64893226...

9.3CVSS9.4AI score0.01284EPSS
Exploits0References4Affected Software1
android
android
•added 2017/10/01 12:0 a.m.•28 views

CVE-2017-0810

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066...

9.3CVSS9.3AI score0.01624EPSS
Exploits0References3Affected Software1
android
android
•added 2017/08/01 12:0 a.m.•28 views

CVE-2017-0715

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36998372...

9.3CVSS9.1AI score0.01096EPSS
Exploits0References4Affected Software1
android
android
•added 2017/08/01 12:0 a.m.•28 views

CVE-2017-0723

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37968755...

9.3CVSS9.1AI score0.01096EPSS
Exploits0References3Affected Software1
android
android
•added 2017/07/01 12:0 a.m.•28 views

CVE-2017-0679

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978...

9.3CVSS9.3AI score0.01096EPSS
Exploits0References4Affected Software1
android
android
•added 2017/07/01 12:0 a.m.•28 views

CVE-2017-0677

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074...

9.3CVSS9.3AI score0.01096EPSS
Exploits0References4Affected Software1
android
android
•added 2017/07/01 12:0 a.m.•28 views

CVE-2017-0676

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431...

9.3CVSS9.3AI score0.01096EPSS
Exploits0References4Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•28 views

CVE-2015-9027

In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM...

9.3CVSS6.5AI score0.00597EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•28 views

CVE-2014-9953

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770...

10CVSS6.9AI score0.0113EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•28 views

CVE-2017-0588

A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within th...

9.3CVSS7.5AI score0.01532EPSS
Exploits0References4Affected Software1
android
android
•added 2017/05/01 12:0 a.m.•28 views

CVE-2015-9005

In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist...

9.3CVSS9.1AI score0.00522EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•28 views

CVE-2017-0543

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.9AI score0.01575EPSS
Exploits0References3Affected Software1
android
android
•added 2017/03/01 12:0 a.m.•28 views

CVE-2017-0472

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...

9.3CVSS8.8AI score0.01422EPSS
Exploits0References4Affected Software1
android
android
•added 2017/03/01 12:0 a.m.•28 views

CVE-2017-0504

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

9.3CVSS7.4AI score0.00863EPSS
Exploits0References3
android
android
•added 2017/03/01 12:0 a.m.•28 views

CVE-2016-2182

The BNbn2dec function in crypto/bn/bnprint.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly have unspecified other impact via unknown vectors...

7.5CVSS6.9AI score0.44218EPSS
Exploits1References3Affected Software1
android
android
•added 2017/03/01 12:0 a.m.•28 views

CVE-2017-0509

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing t...

9.3CVSS9.5AI score0.00761EPSS
Exploits0References3
android
android
•added 2017/02/01 12:0 a.m.•28 views

CVE-2017-0405

A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinge...

9.3CVSS7.9AI score0.01818EPSS
Exploits0References4Affected Software1
android
android
•added 2017/02/01 12:0 a.m.•28 views

CVE-2017-0429

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.00908EPSS
Exploits0References3
android
android
•added 2016/07/01 12:0 a.m.•28 views

CVE-2016-3774

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008609 and MediaTek internal bug ALPS02703102...

9.3CVSS9.2AI score0.00421EPSS
Exploits0References2
android
android
•added 2016/07/01 12:0 a.m.•28 views

CVE-2016-2508

media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitrary code or cause a denial of service memory...

9.3CVSS8.5AI score0.01667EPSS
Exploits0References4Affected Software1
android
android
•added 2016/07/01 12:0 a.m.•28 views

CVE-2016-2506

DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate a certain offset value, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

10CVSS8.4AI score0.01666EPSS
Exploits0References3Affected Software1
android
android
•added 2016/04/02 12:0 a.m.•28 views

CVE-2016-0834

An unspecified media codec in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26220548...

10CVSS8.9AI score0.01512EPSS
Exploits0References2Affected Software1
android
android
•added 2014/11/14 12:0 a.m.•28 views

ObjectInputStream deserializable

In Android 5.0, java.io.ObjectInputStream did not check whether the Object that is being deserialized is actually serializable. That issue was fixed in Android 5.0. This means that when ObjectInputStream is used on untrusted inputs, an attacker can cause an instance of any class with a non-privat...

7.2CVSS3AI score0.24534EPSS
Exploits6References4Affected Software1
android
android
•added 2012/01/11 12:0 a.m.•28 views

TPSparkyRoot

A bug in chmod, mkdir and chown mean that they fail when the last element of their target path is a symlink...

1.7AI score
Exploits0References2Affected Software1
android
android
•added 2018/07/01 12:0 a.m.•27 views

CVE-2018-5872

While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur...

8.3CVSS4.2AI score0.00473EPSS
Exploits0References3
android
android
•added 2018/06/01 12:0 a.m.•27 views

CVE-2018-9373

...

0.8AI score0.00195EPSS
Exploits0References2
android
android
•added 2018/06/01 12:0 a.m.•27 views

CVE-2018-9355

In btadmsdpresult of btadmact.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0...

10CVSS6.8AI score0.02959EPSS
Exploits0References4Affected Software1
android
android
•added 2018/04/01 12:0 a.m.•27 views

CVE-2017-18128

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecting error correction registers may potentially lead to exposure of related secured data...

7.8CVSS4.3AI score0.01006EPSS
Exploits0References2
android
android
•added 2018/01/01 12:0 a.m.•27 views

CVE-2017-13177

In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8....

10CVSS9AI score0.0242EPSS
Exploits0References3Affected Software1
android
android
•added 2017/12/01 12:0 a.m.•27 views

CVE-2017-6211

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can occur...

10CVSS5.3AI score0.00785EPSS
Exploits0References2
android
android
•added 2017/11/01 12:0 a.m.•27 views

CVE-2017-0841

A remote code execution vulnerability in the Android system libutils. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37723026...

9.3CVSS8.1AI score0.01337EPSS
Exploits0References4Affected Software1
android
android
•added 2017/11/01 12:0 a.m.•27 views

CVE-2017-11013

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset in function UnpackCore is increased for each loop, while there is no boundary check against "pIe-arraybound"...

9.3CVSS4AI score0.00599EPSS
Exploits0References5
android
android
•added 2017/08/01 12:0 a.m.•27 views

CVE-2017-0721

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37561455...

9.3CVSS9.3AI score0.01096EPSS
Exploits0References3Affected Software1
android
android
•added 2017/08/01 12:0 a.m.•27 views

CVE-2017-0720

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213...

9.3CVSS9.4AI score0.01378EPSS
Exploits0References4Affected Software1
android
android
•added 2017/05/01 12:0 a.m.•27 views

CVE-2017-0587

A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.8AI score0.01532EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities612