Lucene search
+L
AndroidMost viewed

612 matches found

android
android
•added 2018/12/01 12:0 a.m.•32 views

CVE-2018-9556

In ParsePayloadHeader of payloadmetadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9...

10CVSS7.3AI score0.01962EPSS
Exploits0References3Affected Software1
android
android
•added 2018/07/01 12:0 a.m.•32 views

CVE-2018-9365

...

0.8AI score0.00246EPSS
Exploits0References4Affected Software1
android
android
•added 2018/05/01 12:0 a.m.•32 views

CVE-2018-3565

While sending a probe request indication in limsendsmeprobereqind in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel, a buffer overflow can occur...

9.3CVSS6.5AI score0.00386EPSS
Exploits0References3
android
android
•added 2018/04/01 12:0 a.m.•32 views

CVE-2017-13292

In wlgetassocies of wlcfg80211.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android...

10CVSS6.8AI score0.0165EPSS
Exploits0References3
android
android
•added 2018/03/01 12:0 a.m.•32 views

CVE-2017-13250

In ih264dfmtconv420spto420p of ih264dutils.c, there is an out of bound write due to a missing out of bounds check because of a multiplication error. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:...

9.3CVSS6.3AI score0.01113EPSS
Exploits0References3Affected Software1
android
android
•added 2018/02/01 12:0 a.m.•32 views

CVE-2017-13228

In function ih264drefidxreordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

9.3CVSS7.1AI score0.01465EPSS
Exploits0References3Affected Software1
android
android
•added 2017/12/01 12:0 a.m.•32 views

CVE-2017-0872

A remote code execution vulnerability in the Android media framework libskia. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323...

9.3CVSS9.2AI score0.01437EPSS
Exploits0References3Affected Software1
android
android
•added 2017/10/01 12:0 a.m.•32 views

CVE-2017-0811

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177...

9.3CVSS9.4AI score0.01624EPSS
Exploits0References3Affected Software1
android
android
•added 2017/09/01 12:0 a.m.•32 views

CVE-2017-0763

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693...

9.3CVSS9.4AI score0.01053EPSS
Exploits0References3Affected Software1
android
android
•added 2017/06/01 12:0 a.m.•32 views

CVE-2014-9967

In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM...

9.3CVSS6.5AI score0.00585EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•32 views

CVE-2014-9936

In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel...

7.6CVSS7.5AI score0.00572EPSS
Exploits0References2
android
android
•added 2017/04/01 12:0 a.m.•32 views

CVE-2015-8999

In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file...

9.3CVSS7.9AI score0.00625EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•32 views

CVE-2017-0333

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01703EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•32 views

CVE-2016-8425

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01619EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•32 views

CVE-2016-8434

An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.2AI score0.01227EPSS
Exploits0References3
android
android
•added 2017/01/01 12:0 a.m.•32 views

CVE-2016-8435

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS9.8AI score0.01234EPSS
Exploits0References3
android
android
•added 2016/11/01 12:0 a.m.•32 views

CVE-2016-6727

The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code...

10CVSS8.5AI score0.02726EPSS
Exploits0References2
android
android
•added 2016/11/01 12:0 a.m.•32 views

CVE-2016-7912

Use-after-free vulnerability in the ffsusercopyworker function in drivers/usb/gadget/function/ffs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call...

9.3CVSS7AI score0.0211EPSS
Exploits0References3
android
android
•added 2016/11/01 12:0 a.m.•32 views

CVE-2016-6731

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...

9.3CVSS9AI score0.00666EPSS
Exploits0References2
android
android
•added 2016/07/01 12:0 a.m.•32 views

CVE-2014-9795

app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android internal bug 28820720 and Qualcomm internal bu...

10CVSS8.6AI score0.00584EPSS
Exploits0References4
android
android
•added 2016/07/01 12:0 a.m.•32 views

CVE-2016-3767

The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28169363 and MediaTek internal bug ALPS02689526...

9.3CVSS9.2AI score0.00412EPSS
Exploits0References2
android
android
•added 2016/06/01 12:0 a.m.•32 views

CVE-2016-2464

libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted mkv file, aka internal bug 23167726...

9.3CVSS8.7AI score0.01753EPSS
Exploits0References4Affected Software1
android
android
•added 2016/06/01 12:0 a.m.•32 views

CVE-2016-2062

The adrenoperfcounterquerygroup function in drivers/gpu/msm/adrenoperfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to...

4.6CVSS7.8AI score0.00205EPSS
Exploits0References2
android
android
•added 2016/06/01 12:0 a.m.•32 views

CVE-2016-2465

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865...

9.3CVSS9.2AI score0.00502EPSS
Exploits0References2
android
android
•added 2016/05/01 12:0 a.m.•32 views

CVE-2016-2428

libAACdec/src/aacdecdrc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via...

10CVSS8.7AI score0.0206EPSS
Exploits0References3Affected Software1
android
android
•added 2016/01/01 12:0 a.m.•32 views

CVE-2015-6640

The prctlsetvmaanonname function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service vma list corruption via a crafted application,...

9.3CVSS7.2AI score0.00729EPSS
Exploits0References3Affected Software1
android
android
•added 2015/12/01 12:0 a.m.•32 views

CVE-2015-6616

mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bugs 24630158 and 23882800, a different vulnerability than CVE-2015-8505, CVE-2015-8506, and...

9.3CVSS8.7AI score0.02011EPSS
Exploits0References7Affected Software1
android
android
•added 2015/10/01 12:0 a.m.•32 views

CVE-2015-3872

libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 23346388...

10CVSS8.9AI score0.01858EPSS
Exploits0References3Affected Software1
android
android
•added 2015/08/01 12:0 a.m.•32 views

CVE-2015-1539

Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493...

10CVSS7.8AI score0.85792EPSS
Exploits0References3Affected Software1
android
android
•added 2013/09/05 12:0 a.m.•32 views

RageAgainstTheCage adb

adb fails to check setuid return code and this can be caused to fail by the shell user already having RLIMITNPROC processes...

1.3AI score
Exploits0References8Affected Software1
android
android
•added 2011/11/09 12:0 a.m.•32 views

zergRush

...

9.3CVSS1.1AI score0.11533EPSS
Exploits0References3Affected Software1
android
android
•added 2019/05/01 12:0 a.m.•31 views

CVE-2019-2046

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

10CVSS7.8AI score0.01334EPSS
Exploits0References4Affected Software1
android
android
•added 2019/02/01 12:0 a.m.•31 views

CVE-2018-11262

In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader-MaxPtCnt' and which could result in OO...

7.2CVSS3.3AI score0.00202EPSS
Exploits0References4
android
android
•added 2018/11/01 12:0 a.m.•31 views

CVE-2018-9527

In vorbisbookdecodevset of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

9.3CVSS7AI score0.01203EPSS
Exploits0References4Affected Software1
android
android
•added 2018/10/01 12:0 a.m.•31 views

CVE-2018-9476

In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible use-after-free due to improper locking. This could lead to remote escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Version...

10CVSS7.2AI score0.02478EPSS
Exploits0References4Affected Software1
android
android
•added 2018/04/01 12:0 a.m.•31 views

CVE-2017-13281

In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1...

10CVSS7.4AI score0.01793EPSS
Exploits0References4Affected Software1
android
android
•added 2018/04/01 12:0 a.m.•31 views

CVE-2014-9996

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur...

10CVSS4.7AI score0.01354EPSS
Exploits0References2
android
android
•added 2018/04/01 12:0 a.m.•31 views

CVE-2017-13267

In avrcparsvendorcmd of avrcparstg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0...

10CVSS6.6AI score0.0165EPSS
Exploits0References4Affected Software1
android
android
•added 2018/04/01 12:0 a.m.•31 views

CVE-2018-3591

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SDM630, SDM636,...

10CVSS1.5AI score0.01252EPSS
Exploits0References2
android
android
•added 2018/03/01 12:0 a.m.•31 views

CVE-2017-15815

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame...

10CVSS4.6AI score0.01468EPSS
Exploits0References3
android
android
•added 2017/09/01 12:0 a.m.•31 views

CVE-2017-0761

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381...

9.3CVSS9.1AI score0.01323EPSS
Exploits0References4Affected Software1
android
android
•added 2017/09/01 12:0 a.m.•31 views

CVE-2017-0758

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492741...

9.3CVSS9.4AI score0.01323EPSS
Exploits0References4Affected Software1
android
android
•added 2017/07/01 12:0 a.m.•31 views

CVE-2017-0675

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227...

9.3CVSS9.3AI score0.01096EPSS
Exploits0References5Affected Software1
android
android
•added 2017/07/01 12:0 a.m.•31 views

CVE-2017-0674

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231163...

9.3CVSS9.3AI score0.01096EPSS
Exploits0References4Affected Software1
android
android
•added 2017/04/01 12:0 a.m.•31 views

CVE-2015-9000

In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...

9.3CVSS8.6AI score0.00578EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•31 views

CVE-2017-0500

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

9.3CVSS7.4AI score0.00745EPSS
Exploits0References3
android
android
•added 2017/03/01 12:0 a.m.•31 views

CVE-2017-0470

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...

9.3CVSS8.8AI score0.01422EPSS
Exploits0References4Affected Software1
android
android
•added 2017/03/01 12:0 a.m.•31 views

CVE-2017-0474

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...

9.3CVSS8.8AI score0.02139EPSS
Exploits1References3Affected Software1
android
android
•added 2017/03/01 12:0 a.m.•31 views

CVE-2016-8486

An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823691...

5CVSS4AI score0.00745EPSS
Exploits0References2
android
android
•added 2017/03/01 12:0 a.m.•31 views

CVE-2017-0467

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...

9.3CVSS8.8AI score0.01422EPSS
Exploits0References5Affected Software1
Total number of security vulnerabilities612