Lucene search
+L
AndroidMost viewed

612 matches found

android
android
•added 2017/09/01 12:0 a.m.•34 views

CVE-2017-11041

In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another...

9.3CVSS8.3AI score0.00526EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•34 views

CVE-2016-10335

In all Android releases from CAF using the Linux kernel, libtomcrypt was updated...

4.3CVSS5.4AI score0.00467EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•34 views

CVE-2015-9026

In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM...

9.3CVSS6.5AI score0.00597EPSS
Exploits0References2
android
android
•added 2017/06/01 12:0 a.m.•34 views

CVE-2014-9960

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API...

9.3CVSS9AI score0.00632EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•34 views

CVE-2014-9923

In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...

9.3CVSS8.1AI score0.0046EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•34 views

CVE-2014-9930

In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist...

9.3CVSS8.3AI score0.0046EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•34 views

CVE-2014-9929

In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist...

9.3CVSS8AI score0.0046EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•34 views

CVE-2017-0591

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.9AI score0.01532EPSS
Exploits0References3Affected Software1
android
android
•added 2017/04/01 12:0 a.m.•34 views

CVE-2016-10237

If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application TA in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory...

9.3CVSS2AI score0.00556EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•34 views

CVE-2017-0508

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

9.3CVSS9.3AI score0.01823EPSS
Exploits0References2
android
android
•added 2017/02/01 12:0 a.m.•34 views

CVE-2017-0428

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.00908EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•34 views

CVE-2016-8432

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01537EPSS
Exploits0References3
android
android
•added 2016/11/01 12:0 a.m.•34 views

CVE-2016-6729

An elevation of privilege vulnerability in the Qualcomm bootloader in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, whi...

9.3CVSS7.5AI score0.00636EPSS
Exploits0References2
android
android
•added 2016/11/01 12:0 a.m.•34 views

CVE-2015-8961

The ext4journalstop function in fs/ext4/ext4jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service use-after-free by leveraging improper access to a certain error field...

9.3CVSS6.9AI score0.01999EPSS
Exploits0References3
android
android
•added 2016/08/01 12:0 a.m.•34 views

CVE-2014-9863

Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 2013 devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470...

9.3CVSS8.2AI score0.00544EPSS
Exploits0References3
android
android
•added 2016/04/02 12:0 a.m.•34 views

CVE-2016-0840

Multiple stack-based buffer underflows in decoder/ih264dparsecavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26399350...

10CVSS8.7AI score0.01652EPSS
Exploits0References3Affected Software1
android
android
•added 2016/03/01 12:0 a.m.•34 views

CVE-2016-0819

The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034...

9.3CVSS7.6AI score0.00492EPSS
Exploits0References2Affected Software1
android
android
•added 2019/05/01 12:0 a.m.•33 views

CVE-2019-2045

In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

10CVSS6.1AI score0.01362EPSS
Exploits0References4Affected Software1
android
android
•added 2019/05/01 12:0 a.m.•33 views

CVE-2019-2047

In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

10CVSS6.5AI score0.01362EPSS
Exploits0References4Affected Software1
android
android
•added 2019/02/01 12:0 a.m.•33 views

CVE-2019-1987

In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

9.3CVSS6.6AI score0.01245EPSS
Exploits0References5Affected Software1
android
android
•added 2018/10/01 12:0 a.m.•33 views

CVE-2018-9497

In impeg2fmtconvyuv420ptoyuv420spuvav8 of impeg2formatconv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions:...

9.3CVSS7AI score0.01568EPSS
Exploits0References4Affected Software1
android
android
•added 2017/09/01 12:0 a.m.•33 views

CVE-2017-0760

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237396...

9.3CVSS7.9AI score0.01323EPSS
Exploits0References4Affected Software1
android
android
•added 2017/08/01 12:0 a.m.•33 views

CVE-2017-0718

A remote code execution vulnerability in the Android media framework mpeg2 decoder. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273547...

9.3CVSS8.7AI score0.01378EPSS
Exploits0References4Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•33 views

CVE-2015-9024

In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications...

4.3CVSS6.7AI score0.00472EPSS
Exploits0References2
android
android
•added 2017/05/01 12:0 a.m.•33 views

CVE-2017-0331

An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9AI score0.00716EPSS
Exploits0References3
android
android
•added 2017/05/01 12:0 a.m.•33 views

CVE-2017-0589

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

9.3CVSS8.8AI score0.01532EPSS
Exploits0References4Affected Software1
android
android
•added 2017/04/01 12:0 a.m.•33 views

CVE-2015-9001

In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel...

4.3CVSS6.4AI score0.00505EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•33 views

CVE-2014-9935

In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...

9.3CVSS7.7AI score0.00656EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•33 views

CVE-2017-0502

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

9.3CVSS7.4AI score0.00745EPSS
Exploits0References3
android
android
•added 2017/03/01 12:0 a.m.•33 views

CVE-2017-0338

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01718EPSS
Exploits0References3
android
android
•added 2017/03/01 12:0 a.m.•33 views

CVE-2017-0468

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...

9.3CVSS8.8AI score0.01422EPSS
Exploits0References5Affected Software1
android
android
•added 2017/02/01 12:0 a.m.•33 views

CVE-2016-8418

A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product: Android. Versions:...

10CVSS6.9AI score0.0273EPSS
Exploits0References4
android
android
•added 2017/01/01 12:0 a.m.•33 views

CVE-2016-8429

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01619EPSS
Exploits0References3
android
android
•added 2016/12/01 12:0 a.m.•33 views

CVE-2016-6775

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.0179EPSS
Exploits0References2
android
android
•added 2016/10/01 12:0 a.m.•33 views

CVE-2016-3926

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953...

10CVSS9.7AI score0.00742EPSS
Exploits0References2
android
android
•added 2016/08/01 12:0 a.m.•33 views

CVE-2016-3840

Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153...

10CVSS7.8AI score0.02136EPSS
Exploits0References3Affected Software1
android
android
•added 2016/07/01 12:0 a.m.•33 views

CVE-2014-9794

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0973. Reason: This candidate is a reservation duplicate of CVE-2014-0973. Notes: All CVE users should reference CVE-2014-0973 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

7.2CVSS7.6AI score0.00384EPSS
Exploits0References3
android
android
•added 2016/07/01 12:0 a.m.•33 views

CVE-2016-3771

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29007611 and MediaTek internal bug ALPS02703102...

9.3CVSS9.2AI score0.00421EPSS
Exploits0References2
android
android
•added 2016/05/01 12:0 a.m.•33 views

CVE-2016-2432

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059...

9.3CVSS8.5AI score0.0039EPSS
Exploits0References2
android
android
•added 2016/05/01 12:0 a.m.•33 views

CVE-2016-2435

The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988...

9.3CVSS8.9AI score0.00515EPSS
Exploits0References2
android
android
•added 2016/04/02 12:0 a.m.•33 views

CVE-2016-0843

The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application, aka internal bug 25801197...

7.2CVSS8.3AI score0.00207EPSS
Exploits0References2Affected Software1
android
android
•added 2016/03/01 12:0 a.m.•33 views

CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

4.3CVSS5.5AI score0.00268EPSS
Exploits0References4Affected Software1
android
android
•added 2015/12/01 12:0 a.m.•33 views

CVE-2015-6634

The display drivers in Android before 5.1.1 LMY48Z allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 24163261...

9.3CVSS8.6AI score0.01858EPSS
Exploits0References6Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•33 views

CVE-2015-3868

libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 23270724...

10CVSS8.9AI score0.02577EPSS
Exploits0References3Affected Software1
android
android
•added 2015/05/20 12:0 a.m.•33 views

Mate7 TrustZone Exploit

The tzdriver and TEEOS modules of the Huawei Mate 7 have vulnerabilities which may allow malicious apps to perform denial of service attacks, or gain privileges, by gaining access to the TEE...

7.6CVSS4AI score0.0092EPSS
Exploits0References2
android
android
•added 2014/01/10 12:0 a.m.•33 views

Qualcomm out of bounds camera

Out of bounds array access in camera driver CVE-2013-6123: The camera driver provides an ioctl system call interface to user space clients for communication. When processing this communication, the msmioctlserver, msmserversendctrl, and msmctrlcmddone functions use a user-supplied value as an ind...

6.9CVSS4.1AI score0.00299EPSS
Exploits1References3
android
android
•added 2018/12/01 12:0 a.m.•32 views

CVE-2018-9556

In ParsePayloadHeader of payloadmetadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9...

10CVSS7.3AI score0.01962EPSS
Exploits0References3Affected Software1
android
android
•added 2018/07/01 12:0 a.m.•32 views

CVE-2018-9365

...

0.8AI score0.00246EPSS
Exploits0References4Affected Software1
android
android
•added 2018/05/01 12:0 a.m.•32 views

CVE-2018-3565

While sending a probe request indication in limsendsmeprobereqind in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel, a buffer overflow can occur...

9.3CVSS6.5AI score0.00386EPSS
Exploits0References3
android
android
•added 2018/04/01 12:0 a.m.•32 views

CVE-2017-13292

In wlgetassocies of wlcfg80211.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android...

10CVSS6.8AI score0.0165EPSS
Exploits0References3
Total number of security vulnerabilities612