Lucene search
+L
AndroidMost viewed

612 matches found

android
android
•added 2017/07/01 12:0 a.m.•36 views

CVE-2017-0678

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151...

9.3CVSS9.3AI score0.01378EPSS
Exploits0References4Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•36 views

CVE-2015-9013

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393251...

10CVSS6.9AI score0.01154EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•36 views

CVE-2017-0590

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.8AI score0.01532EPSS
Exploits0References4Affected Software1
android
android
•added 2017/05/01 12:0 a.m.•36 views

CVE-2014-9923

In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...

9.3CVSS8.1AI score0.0046EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2017-0563

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...

9.3CVSS7.7AI score0.00889EPSS
Exploits3References3
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2015-9002

In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...

9.3CVSS8.3AI score0.00578EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2015-9003

In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel...

9.3CVSS5.9AI score0.00578EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2017-0564

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

9.3CVSS9.3AI score0.04245EPSS
Exploits0References3
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2017-0542

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.9AI score0.01575EPSS
Exploits0References3Affected Software1
android
android
•added 2017/04/01 12:0 a.m.•36 views

CVE-2017-0538

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.9AI score0.01575EPSS
Exploits0References4Affected Software1
android
android
•added 2017/03/01 12:0 a.m.•36 views

CVE-2016-8479

An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.2AI score0.01606EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•36 views

CVE-2016-8427

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01619EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•36 views

CVE-2016-8442

Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. QC-CR1038173...

7.2CVSS6.2AI score0.00371EPSS
Exploits0References2
android
android
•added 2017/01/01 12:0 a.m.•36 views

CVE-2016-8424

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01619EPSS
Exploits0References3
android
android
•added 2016/12/01 12:0 a.m.•36 views

CVE-2016-6776

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.0179EPSS
Exploits0References2
android
android
•added 2016/11/01 12:0 a.m.•36 views

CVE-2016-6732

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...

9.3CVSS9AI score0.00666EPSS
Exploits0References2
android
android
•added 2016/11/01 12:0 a.m.•36 views

CVE-2016-6735

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...

9.3CVSS9AI score0.00686EPSS
Exploits0References2
android
android
•added 2016/11/01 12:0 a.m.•36 views

CVE-2015-8961

The ext4journalstop function in fs/ext4/ext4jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service use-after-free by leveraging improper access to a certain error field...

9.3CVSS6.9AI score0.01999EPSS
Exploits0References3
android
android
•added 2016/08/01 12:0 a.m.•36 views

CVE-2015-2686

net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...

7.2CVSS5.8AI score0.00385EPSS
Exploits0References3
android
android
•added 2016/06/01 12:0 a.m.•36 views

CVE-2016-2468

The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454...

9.3CVSS9AI score0.00762EPSS
Exploits0References2
android
android
•added 2016/05/01 12:0 a.m.•36 views

CVE-2016-2434

The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090...

9.3CVSS8.9AI score0.0125EPSS
Exploits1References2
android
android
•added 2016/01/01 12:0 a.m.•36 views

CVE-2015-6647

The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554...

9.3CVSS9AI score0.0069EPSS
Exploits0References2Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•36 views

CVE-2015-6603

libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 23227354...

10CVSS8.9AI score0.01858EPSS
Exploits0References3Affected Software1
android
android
•added 2015/07/29 12:0 a.m.•36 views

Samsung WifiHs20UtilityService

A path traversal vulnerability was found in the WifiHs20UtilityService. This service is running on a Samsung S6 Edge device, and may be present on other Samsung device models. WifiHs20UtilityService reads any files placed in /sdcard/Download/cred.zip, and unzips this file into /data/bundle...

7.8CVSS4.9AI score0.0405EPSS
Exploits0References2
android
android
•added 2013/05/01 12:0 a.m.•36 views

Qualcomm Gandalf camera driver

The camera driver provides several interfaces to user space clients. The user space clients communicate to the kernel via syscalls such as ioctl or mmap. The camera driver provides an uncontrolled mmap interface that allows an application with access to the device file to map physical memory...

7.2CVSS3.7AI score0.00889EPSS
Exploits0References3
android
android
•added 2019/06/01 12:0 a.m.•35 views

CVE-2019-2094

In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...

9.3CVSS6.9AI score0.01092EPSS
Exploits0References4Affected Software1
android
android
•added 2019/04/01 12:0 a.m.•35 views

CVE-2018-13887

Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215,...

10CVSS1.9AI score0.01118EPSS
Exploits0References2
android
android
•added 2018/12/01 12:0 a.m.•35 views

CVE-2018-9551

In CAacDecoderInit of aacdecoder.cpp, there is a possible out-of-bound write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

9.3CVSS7.5AI score0.01089EPSS
Exploits0References3Affected Software1
android
android
•added 2018/03/01 12:0 a.m.•36 views

CVE-2017-18067

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation while processing an encrypted authentication management frame in limsendauthmgmtframe leads to buffer overflow...

10CVSS5.1AI score0.03066EPSS
Exploits0References4
android
android
•added 2018/03/01 12:0 a.m.•35 views

CVE-2017-13249

In impeg2dapisetdisplayframe of impeg2dapimain.c, there is an out of bound write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1,...

9.3CVSS6.9AI score0.01113EPSS
Exploits0References4Affected Software1
android
android
•added 2018/03/01 12:0 a.m.•35 views

CVE-2017-13251

In impeg2ddecpicdatathread of impeg2ddechdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Product:...

9.3CVSS6.1AI score0.00593EPSS
Exploits0References4Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•35 views

CVE-2015-9015

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714120...

7.2CVSS6.9AI score0.00212EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•35 views

CVE-2016-10338

In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing...

9.3CVSS5.9AI score0.00578EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•35 views

CVE-2016-10334

In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten...

4.3CVSS7AI score0.00467EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•35 views

CVE-2016-10274

An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require...

9.3CVSS8.3AI score0.00596EPSS
Exploits0References3
android
android
•added 2017/04/01 12:0 a.m.•35 views

CVE-2017-0541

A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.4AI score0.04958EPSS
Exploits0References4Affected Software1
android
android
•added 2017/04/01 12:0 a.m.•35 views

CVE-2015-8996

In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel...

7.6CVSS7.8AI score0.00443EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•35 views

CVE-2014-9937

In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...

9.3CVSS9AI score0.00625EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•35 views

CVE-2017-0337

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01703EPSS
Exploits0References3
android
android
•added 2017/03/01 12:0 a.m.•35 views

CVE-2017-0505

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

9.3CVSS7.4AI score0.01427EPSS
Exploits0References3
android
android
•added 2017/03/01 12:0 a.m.•35 views

CVE-2017-0475

An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.4AI score0.0086EPSS
Exploits0References4Affected Software1
android
android
•added 2016/12/01 12:0 a.m.•35 views

CVE-2016-6916

Integer overflow in nvhostjob.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service system crash via unspecified vectors, which triggers a buffer overflow...

7.2CVSS6.5AI score0.00422EPSS
Exploits0References2
android
android
•added 2016/11/01 12:0 a.m.•35 views

CVE-2016-6725

A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel...

10CVSS4.9AI score0.026EPSS
Exploits0References3
android
android
•added 2016/05/01 12:0 a.m.•35 views

CVE-2016-2429

libFLAC/streamdecoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corrupti...

10CVSS8.3AI score0.02018EPSS
Exploits0References3Affected Software1
android
android
•added 2016/01/01 12:0 a.m.•35 views

CVE-2015-6636

mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bugs 25070493 and 24686670...

10CVSS8.9AI score0.0206EPSS
Exploits0References4Affected Software1
android
android
•added 2011/12/29 12:0 a.m.•35 views

TacoRoot

HTC recovery log on some devices is world writable and so can be deleted and symlinked to /data/local.prop to allow root on reboot, this is a appears to be a unstable exploit and requires the user to reboot into recovery mode...

3.1AI score
Exploits0References4
android
android
•added 2019/06/01 12:0 a.m.•34 views

CVE-2018-13924

...

10CVSS0.8AI score0.01112EPSS
Exploits0References2
android
android
•added 2019/06/01 12:0 a.m.•34 views

CVE-2018-13927

...

7.2CVSS0.8AI score0.00182EPSS
Exploits0References2
android
android
•added 2019/03/01 12:0 a.m.•34 views

CVE-2019-1990

In ihevcdfmtconv420spto420p of ihevcdfmtconv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

9.3CVSS6.8AI score0.0137EPSS
Exploits0References3Affected Software1
android
android
•added 2018/07/01 12:0 a.m.•34 views

CVE-2018-5876

While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear...

6.8CVSS4.5AI score0.00824EPSS
Exploits0References2
Total number of security vulnerabilities612