Android Security Vulnerabilities
The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.
7CVSS
6.6AI Score
0.001EPSS
In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist.
7CVSS
6.7AI Score
0.001EPSS
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist.
7.8CVSS
7.2AI Score
0.001EPSS
In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist.
7.8CVSS
7.1AI Score
0.001EPSS
In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
7.8CVSS
7.1AI Score
0.001EPSS
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.
7.8CVSS
7.2AI Score
0.001EPSS
In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.
7.8CVSS
7.2AI Score
0.001EPSS
In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist.
5.5CVSS
5.7AI Score
0.001EPSS
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist.
7.8CVSS
7.2AI Score
0.001EPSS
In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist.
7.8CVSS
7.2AI Score
0.001EPSS
In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.
7.8CVSS
7.2AI Score
0.001EPSS
In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist.
5.5CVSS
5.7AI Score
0.001EPSS
In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.
7.8CVSS
7.1AI Score
0.001EPSS
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714770.
9.8CVSS
8.8AI Score
0.003EPSS
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36388559.
9.8CVSS
8.7AI Score
0.003EPSS
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384686.
9.8CVSS
8.7AI Score
0.003EPSS
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36389611.
9.8CVSS
8.7AI Score
0.003EPSS
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36387564.
9.8CVSS
8.7AI Score
0.003EPSS
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384774.
9.8CVSS
8.7AI Score
0.003EPSS
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36383694.
9.8CVSS
8.7AI Score
0.003EPSS
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
7.8CVSS
7.6AI Score
0.001EPSS
In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection.
7.8CVSS
7.3AI Score
0.001EPSS
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command.
7.8CVSS
7.4AI Score
0.001EPSS
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM.
7.8CVSS
7.7AI Score
0.001EPSS
In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.
7.8CVSS
7.6AI Score
0.001EPSS
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call.
7.8CVSS
7.5AI Score
0.001EPSS
In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display.
7CVSS
6.8AI Score
0.001EPSS
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.
7.8CVSS
7.4AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.
9.8CVSS
8AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm.
9.8CVSS
8.8AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.
9.8CVSS
8.7AI Score
0.002EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition.
9.8CVSS
8.7AI Score
0.002EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine.
9.8CVSS
7.9AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster.
9.8CVSS
7.9AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.
9.8CVSS
7.8AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
9.8CVSS
9AI Score
0.002EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM.
9.8CVSS
8.1AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service.
9.8CVSS
8.1AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory.
9.8CVSS
7.7AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory.
9.8CVSS
7.7AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, an overflow check in the USB interface was insufficient during boot.
9.8CVSS
8.9AI Score
0.002EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.
9.8CVSS
8.8AI Score
0.002EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration.
9.8CVSS
7.8AI Score
0.001EPSS
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.
7CVSS
6.8AI Score
0.001EPSS
Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (...
7.4AI Score
0.01EPSS
audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address.
5.5CVSS
5.2AI Score
0.0005EPSS
The media_server component in Android allows remote attackers to cause a denial of service via a crafted application.
5.5CVSS
5.3AI Score
0.001EPSS
Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727.
7.8CVSS
7.5AI Score
0.0004EPSS
Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service (Binder heap memory corruption) via a crafted application, aka internal bug 19334482.
6.9AI Score
0.001EPSS
Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors.
7.5CVSS
7.3AI Score
0.002EPSS