Lucene search
+L
AndroidMost viewed

612 matches found

android
android
•added 2017/09/01 12:0 a.m.•37 views

CVE-2017-0762

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62214264...

9.3CVSS9.4AI score0.01053EPSS
Exploits0References3Affected Software1
android
android
•added 2017/09/01 12:0 a.m.•37 views

CVE-2017-7065

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code on the Wi-Fi chip or cause a denial of service memory...

5.8CVSS7.1AI score0.01148EPSS
Exploits2References2
android
android
•added 2017/08/01 12:0 a.m.•37 views

CVE-2017-0722

A remote code execution vulnerability in the Android media framework h263 decoder. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37660827...

9.3CVSS8.7AI score0.01378EPSS
Exploits0References4Affected Software1
android
android
•added 2017/05/01 12:0 a.m.•37 views

CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution...

9.3CVSS7.5AI score0.01532EPSS
Exploits0References3Affected Software1
android
android
•added 2017/04/01 12:0 a.m.•37 views

CVE-2015-8998

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel...

9.3CVSS8.3AI score0.00606EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•37 views

CVE-2017-0539

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.8AI score0.01575EPSS
Exploits0References4Affected Software1
android
android
•added 2017/03/01 12:0 a.m.•37 views

CVE-2016-9806

Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service double free or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation...

7.2CVSS5AI score0.00365EPSS
Exploits0References3
android
android
•added 2017/03/01 12:0 a.m.•37 views

CVE-2017-0335

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01703EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•37 views

CVE-2016-8422

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.3AI score0.00601EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•37 views

CVE-2015-5706

Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via OTMPFILE filesystem operations that leverage a duplicate cleanup operation...

4.6CVSS4.9AI score0.00436EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•37 views

CVE-2016-8438

Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass Peripheral Image Loader PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR1023638...

10CVSS4.6AI score0.02251EPSS
Exploits0References2
android
android
•added 2016/10/01 12:0 a.m.•37 views

CVE-2016-3927

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244...

10CVSS9.7AI score0.00632EPSS
Exploits0References2
android
android
•added 2016/07/01 12:0 a.m.•37 views

CVE-2016-2503

The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067...

9.3CVSS9AI score0.00479EPSS
Exploits0References2
android
android
•added 2016/07/01 12:0 a.m.•37 views

CVE-2015-8892

platform/msmshared/bootverifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998...

9.3CVSS6.7AI score0.00551EPSS
Exploits0References3
android
android
•added 2016/05/01 12:0 a.m.•37 views

CVE-2016-2431

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 2013, and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809...

9.3CVSS8.1AI score0.01782EPSS
Exploits0References2
android
android
•added 2016/04/02 12:0 a.m.•37 views

CVE-2016-1503

dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow via a malform...

10CVSS8.2AI score0.06344EPSS
Exploits0References3Affected Software1
android
android
•added 2016/03/01 12:0 a.m.•37 views

CVE-2016-0815

The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file...

10CVSS8.7AI score0.02822EPSS
Exploits0References3Affected Software1
android
android
•added 2016/02/01 12:0 a.m.•37 views

CVE-2016-0802

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted wireless control message packets, aka internal bug 25306181...

8.3CVSS8.7AI score0.01701EPSS
Exploits0References3Affected Software1
android
android
•added 2015/11/01 12:0 a.m.•37 views

CVE-2015-6609

libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted audio file, aka internal bug 22953624...

10CVSS8.5AI score0.0217EPSS
Exploits0References4Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•37 views

CVE-2014-9028

Heap-based buffer overflow in streamdecoder.c in libFLAC before 1.3.1 allows remote attackers to execute arbitrary code via a crafted .flac file...

7.5CVSS8.7AI score0.09849EPSS
Exploits0References4Affected Software1
android
android
•added 2014/06/23 12:0 a.m.•37 views

keystore buffer

Stack-based buffer overflow in the encodekey function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name...

5.1CVSS7AI score0.01757EPSS
Exploits1References4Affected Software1
android
android
•added 2011/07/31 12:0 a.m.•37 views

Browser Cross-App Scripting

Android browser could be tricked into running javascript in the domain of a different app...

4.3CVSS1.8AI score0.04615EPSS
Exploits3References3Affected Software1
android
android
•added 2019/04/01 12:0 a.m.•36 views

CVE-2019-2250

Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130...

7.2CVSS3.3AI score0.00208EPSS
Exploits0References2
android
android
•added 2019/04/01 12:0 a.m.•36 views

CVE-2018-12004

Secure keypad is unlocked with secure display still intact in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650,...

4.9CVSS3.1AI score0.00204EPSS
Exploits0References2
android
android
•added 2019/02/01 12:0 a.m.•36 views

CVE-2019-1991

In btifdmdatacopy of btifcore.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

9.3CVSS7.6AI score0.02027EPSS
Exploits0References5Affected Software1
android
android
•added 2018/12/01 12:0 a.m.•36 views

CVE-2018-9555

In l2clccprocpdu of l2cfcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

8.3CVSS6.6AI score0.00676EPSS
Exploits0References4Affected Software1
android
android
•added 2018/11/01 12:0 a.m.•36 views

CVE-2018-9531

In AudioSpecificConfigParse of tpdecasc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android...

9.3CVSS7AI score0.01128EPSS
Exploits0References3Affected Software1
android
android
•added 2018/10/01 12:0 a.m.•36 views

CVE-2018-9496

In ixheaacdrealsynthfftp3 of ixheaacdesbrfft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9.0 Androi...

9.3CVSS7AI score0.01822EPSS
Exploits0References3Affected Software1
android
android
•added 2018/10/01 12:0 a.m.•36 views

CVE-2018-9473

In ihevcdparseseipayload of ihevcdparseheaders.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Androi...

9.3CVSS7.6AI score0.01505EPSS
Exploits0References4Affected Software1
android
android
•added 2018/09/01 12:0 a.m.•36 views

CVE-2018-5866

While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660...

7.2CVSS2.8AI score0.00229EPSS
Exploits0References2
android
android
•added 2018/07/01 12:0 a.m.•36 views

CVE-2018-9433

...

0.8AI score0.00246EPSS
Exploits0References3Affected Software1
android
android
•added 2018/04/01 12:0 a.m.•36 views

CVE-2017-13277

In ihevcdfmtconv of ihevcdfmtconv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,...

9.3CVSS7AI score0.01038EPSS
Exploits0References4Affected Software1
android
android
•added 2018/04/01 12:0 a.m.•36 views

CVE-2017-13284

In configsetstring of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...

10CVSS6.3AI score0.0165EPSS
Exploits0References4Affected Software1
android
android
•added 2018/03/01 12:0 a.m.•36 views

CVE-2017-17773

In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in...

10CVSS3.3AI score0.01488EPSS
Exploits0References2
android
android
•added 2018/03/01 12:0 a.m.•36 views

CVE-2017-13266

In avrcparsvendorcmd of avrcparstg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0,...

10CVSS7AI score0.0188EPSS
Exploits0References4Affected Software1
android
android
•added 2018/01/01 12:0 a.m.•36 views

CVE-2017-14911

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config...

10CVSS2.9AI score0.02307EPSS
Exploits0References2
android
android
•added 2017/12/01 12:0 a.m.•36 views

CVE-2017-13160

A remote code execution vulnerability in the Android system bluetooth. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362...

10CVSS7.6AI score0.01778EPSS
Exploits0References4Affected Software1
android
android
•added 2017/11/01 12:0 a.m.•36 views

CVE-2017-0834

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953...

9.3CVSS9.3AI score0.01311EPSS
Exploits0References3Affected Software1
android
android
•added 2017/08/01 12:0 a.m.•36 views

CVE-2017-0745

A remote code execution vulnerability in the Android media framework avc decoder. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296...

9.3CVSS8.5AI score0.01378EPSS
Exploits0References4Affected Software1
android
android
•added 2017/07/01 12:0 a.m.•36 views

CVE-2017-0678

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151...

9.3CVSS9.3AI score0.01378EPSS
Exploits0References4Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•36 views

CVE-2015-9009

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600...

10CVSS6.9AI score0.01154EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•36 views

CVE-2015-9008

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384689...

10CVSS6.9AI score0.01154EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•36 views

CVE-2015-9014

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393750...

10CVSS6.9AI score0.01403EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•36 views

CVE-2015-9013

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393251...

10CVSS6.9AI score0.01154EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•36 views

CVE-2015-9007

In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist...

9.3CVSS7.3AI score0.0046EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•36 views

CVE-2017-0590

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.8AI score0.01532EPSS
Exploits0References4Affected Software1
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2017-0563

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...

9.3CVSS7.7AI score0.00889EPSS
Exploits3References3
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2015-8997

In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel...

7.6CVSS7.4AI score0.00443EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2015-9002

In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...

9.3CVSS8.3AI score0.00578EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•36 views

CVE-2016-8487

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823724...

10CVSS6.9AI score0.01116EPSS
Exploits0References2
Total number of security vulnerabilities612