Lucene search
+L
AndroidMost viewed

612 matches found

android
android
•added 2019/05/01 12:0 a.m.•41 views

CVE-2018-13898

Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655,...

7.5CVSS1.8AI score0.00733EPSS
Exploits0References3
android
android
•added 2019/04/01 12:0 a.m.•41 views

CVE-2019-2029

In btmprocsmpcback of tmble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2...

6.8CVSS6.6AI score0.00712EPSS
Exploits0References4Affected Software1
android
android
•added 2019/02/01 12:0 a.m.•41 views

CVE-2019-1986

In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in systemserver with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android...

9.3CVSS6.5AI score0.01502EPSS
Exploits0References6Affected Software1
android
android
•added 2018/12/01 12:0 a.m.•41 views

CVE-2017-11004

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD...

2.1CVSS2.5AI score0.0021EPSS
Exploits0References2
android
android
•added 2018/06/01 12:0 a.m.•41 views

CVE-2018-9341

...

0.8AI score0.00398EPSS
Exploits0References4Affected Software1
android
android
•added 2017/12/01 12:0 a.m.•41 views

CVE-2017-13151

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456...

9.3CVSS9.3AI score0.01437EPSS
Exploits0References3Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•41 views

CVE-2016-10336

In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot...

4.3CVSS5.2AI score0.00485EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•41 views

CVE-2016-10238

In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue...

9.3CVSS8.5AI score0.00582EPSS
Exploits0References2
android
android
•added 2017/01/01 12:0 a.m.•41 views

CVE-2016-8443

Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR964185...

7.2CVSS4.7AI score0.00324EPSS
Exploits0References2
android
android
•added 2017/01/01 12:0 a.m.•41 views

CVE-2016-8431

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01537EPSS
Exploits0References3
android
android
•added 2016/11/01 12:0 a.m.•41 views

CVE-2016-6728

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...

9.3CVSS7AI score0.0124EPSS
Exploits1References2
android
android
•added 2016/11/01 12:0 a.m.•41 views

CVE-2016-7913

The xc2028setconfig function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service use-after-free via vectors involving omission of the firmware name from a certain data structure...

9.3CVSS5.9AI score0.02156EPSS
Exploits0References3
android
android
•added 2016/07/01 12:0 a.m.•41 views

CVE-2016-3742

decoder/ih264dprocessintramb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28165659...

7.5CVSS9AI score0.01075EPSS
Exploits0References3Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•41 views

CVE-2015-3875

libutils in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted audio file, aka internal bug 22952485...

10CVSS8.5AI score0.0221EPSS
Exploits0References3Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•41 views

CVE-2015-6604

libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 23129786...

10CVSS8.9AI score0.022EPSS
Exploits0References3Affected Software1
android
android
•added 2015/03/08 12:0 a.m.•41 views

libmsm memory corruption

A memory read exploit that uses a vulnerability in the camera driver...

2.9AI score
Exploits0References2
android
android
•added 2013/11/07 12:0 a.m.•41 views

Qualcomm Goodix driver procfs

Multiple memory corruption issues and race condition in Goodix gt915 touchscreen driver procfs handler CVE-2013-4740 CVE-2013-6122 QCIR-2013-00009-1: Multiple issues have been identified in the Goodix gt915 touchscreen driver for Android. The issues were found in the write handler of the procfs...

6.9CVSS2AI score0.00297EPSS
Exploits2References2
android
android
•added 2019/05/01 12:0 a.m.•40 views

CVE-2019-2256

An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

10CVSS2.5AI score0.01529EPSS
Exploits0References3
android
android
•added 2019/02/01 12:0 a.m.•40 views

CVE-2018-11289

Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

7.2CVSS3.1AI score0.00213EPSS
Exploits0References3
android
android
•added 2019/01/01 12:0 a.m.•40 views

CVE-2018-9583

In btaagparsecmer of btaagcmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges...

10CVSS4.1AI score0.02262EPSS
Exploits0References4Affected Software1
android
android
•added 2019/01/01 12:0 a.m.•40 views

CVE-2018-11847

Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon...

7.2CVSS2.1AI score0.0023EPSS
Exploits0References2
android
android
•added 2018/10/01 12:0 a.m.•40 views

CVE-2018-9504

In sdpcopyrawdata of sdpdiscovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...

8.3CVSS7.2AI score0.00893EPSS
Exploits0References4Affected Software1
android
android
•added 2018/09/01 12:0 a.m.•40 views

CVE-2018-9475

...

0.8AI score0.00148EPSS
Exploits0References4Affected Software1
android
android
•added 2018/03/01 12:0 a.m.•40 views

CVE-2017-13248

In impeg2idctreconsse42 of impeg2idctreconsse42intr.c, there is an out of bound write due to a missing bounds check. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0...

9.3CVSS6.9AI score0.01113EPSS
Exploits0References4Affected Software1
android
android
•added 2018/03/01 12:0 a.m.•40 views

CVE-2017-13256

In processservicesearchattrreq of sdpserver.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1,...

8.3CVSS6.9AI score0.00688EPSS
Exploits0References4Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•40 views

CVE-2016-10333

In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS...

4.3CVSS4.9AI score0.00467EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•40 views

CVE-2016-10297

In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist...

9.3CVSS7.5AI score0.00343EPSS
Exploits0References2
android
android
•added 2017/01/01 12:0 a.m.•40 views

CVE-2015-3288

mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service page tainting via a crafted application that triggers writing to page zero...

7.2CVSS6.2AI score0.00479EPSS
Exploits0References3
android
android
•added 2016/05/01 12:0 a.m.•40 views

CVE-2015-0570

Stack-based buffer overflow in the SETWPSIE IOCTL implementation in wlanhddhostapd.c in the WLAN aka Wi-Fi driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafte...

9.3CVSS8.9AI score0.01751EPSS
Exploits0References2
android
android
•added 2016/02/01 12:0 a.m.•40 views

CVE-2016-0804

The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary cod...

10CVSS8.8AI score0.02018EPSS
Exploits0References3Affected Software1
android
android
•added 2015/12/01 12:0 a.m.•40 views

CVE-2015-6619

The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, aka internal bug 23520714...

9.3CVSS8.9AI score0.00733EPSS
Exploits0References3Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•40 views

CVE-2015-3871

libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 23031033...

10CVSS8.9AI score0.01858EPSS
Exploits0References3Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•40 views

CVE-2015-6600

libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 22882938...

10CVSS8.9AI score0.0182EPSS
Exploits0References3Affected Software1
android
android
•added 2014/04/30 12:0 a.m.•40 views

pty race

The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service memory corruption and system crash or gain privileges by triggering a race condition...

6.9CVSS2.1AI score0.22475EPSS
Exploits7References5
android
android
•added 2013/08/29 12:0 a.m.•40 views

Qualcomm Integer overflow camera

Integer overflow and signedness issue in camera JPEG engines CVE-2013-4736 QCIR-2013-00005-1: The JPEG engines that are part of the camera driver provide an ioctl system call interface to user space clients for communication. When processing hardware commands ioctl calls, the drivers are...

7.8CVSS3AI score0.01329EPSS
Exploits0References5
android
android
•added 2010/07/15 12:0 a.m.•40 views

exploid udev

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space...

7.2CVSS5.6AI score0.81528EPSS
Exploits12References3Affected Software1
android
android
•added 2019/07/17 12:0 a.m.•39 views

No SELinux in Android 4.3 and below

Android 4.3 and below do not use Security-Enhanced Linux SELinux for mandatory access control, which means that a process with root access can gain access to the kernel...

4.6AI score
Exploits0References3Affected Software1
android
android
•added 2019/02/01 12:0 a.m.•39 views

CVE-2018-6271

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...

9.3CVSS5.6AI score0.00631EPSS
Exploits0References3
android
android
•added 2019/02/01 12:0 a.m.•39 views

CVE-2019-1992

In btahlsdpqueryresults of btahlmain.cc, there is a possible use-after-free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

7.6CVSS7.2AI score0.01335EPSS
Exploits0References4Affected Software1
android
android
•added 2019/02/01 12:0 a.m.•39 views

CVE-2018-11945

Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

7.5CVSS1.3AI score0.01352EPSS
Exploits0References2
android
android
•added 2018/12/01 12:0 a.m.•39 views

CVE-2018-9549

In lppTransposer of lpptran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

9.3CVSS7.1AI score0.01089EPSS
Exploits0References4Affected Software1
android
android
•added 2018/09/01 12:0 a.m.•39 views

CVE-2018-11950

Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850...

7.2CVSS4.7AI score0.00208EPSS
Exploits0References2
android
android
•added 2018/08/01 12:0 a.m.•39 views

CVE-2018-9450

In avrcprocvendorcommand of avrcapi.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0...

9CVSS7AI score0.02739EPSS
Exploits0References4Affected Software1
android
android
•added 2018/07/01 12:0 a.m.•39 views

CVE-2018-11257

Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850...

4.6CVSS5.9AI score0.00195EPSS
Exploits0References2
android
android
•added 2018/07/01 12:0 a.m.•39 views

CVE-2017-18171

Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD...

8.3CVSS3.8AI score0.00517EPSS
Exploits0References2
android
android
•added 2018/07/01 12:0 a.m.•39 views

CVE-2018-5874

While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear...

6.8CVSS4.5AI score0.00824EPSS
Exploits0References2
android
android
•added 2018/06/01 12:0 a.m.•39 views

CVE-2018-9356

In bnepdataind of bnepmain.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...

10CVSS6.7AI score0.03246EPSS
Exploits0References4Affected Software1
android
android
•added 2017/09/01 12:0 a.m.•39 views

CVE-2017-11121

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205...

10CVSS2.5AI score0.02794EPSS
Exploits3References2
android
android
•added 2017/05/01 12:0 a.m.•39 views

CVE-2014-9924

In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur...

9.3CVSS8AI score0.0046EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•39 views

CVE-2016-10240

...

0.8AI score
Exploits0References2
Total number of security vulnerabilities612