612 matches found
CVE-2015-9010
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101...
CVE-2016-10341
In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended...
CVE-2017-0590
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2014-9927
In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...
CVE-2017-0588
A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within th...
CVE-2016-10240
...
CVE-2017-0587
A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2015-7555
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service program crash via crafted image and logical screen width fields in a GIF file...
CVE-2016-10241
...
CVE-2015-9005
In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist...
CVE-2014-9925
In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...
CVE-2016-10275
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0604
An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require...
CVE-2016-10274
An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require...
CVE-2017-0589
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2016-9794
Race condition in the sndpcmperiodelapsed function in sound/core/pcmlib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted SNDRVPCMTRIGGERSTART command...
CVE-2014-9923
In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...
CVE-2014-9928
In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...
CVE-2014-9929
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist...
CVE-2014-9930
In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist...
CVE-2016-10276
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0592
A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution...
CVE-2015-9006
In Resource Power Manager RPM in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist...
CVE-2016-10297
In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist...
CVE-2015-9007
In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist...
CVE-2016-10277
An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...
CVE-2014-9924
In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur...
CVE-2017-0331
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2014-9926
In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist...
CVE-2017-0591
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2015-9000
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...
CVE-2017-0538
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2015-8996
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel...
CVE-2017-0561
A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the context of the Wi-Fi SoC. Product: Android...
CVE-2016-10237
If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application TA in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory...
CVE-2017-0564
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...
CVE-2014-9937
In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...
CVE-2016-10230
A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR1091408...
CVE-2014-9932
In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation...
CVE-2016-10229
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag...
CVE-2017-0543
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2016-10238
In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue...
CVE-2015-9002
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...
CVE-2015-8997
In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel...
CVE-2015-9003
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel...
CVE-2017-0539
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2014-9935
In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel...
CVE-2015-8998
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel...
CVE-2015-9001
In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel...
CVE-2016-10242
A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel...