Lucene search
+L
GoogleAndroid

8153 matches found

CVE
CVE
added 2020/04/07 2:30 p.m.53 views

CVE-2017-18679

CVE-2017-18679 affects Samsung mobile devices running Android M (6.0). The issue arises from SLocation triggering a system crash when calling an API that is not implemented. The vulnerability impact is a denial of service via a crash, with an Availability impact of HIGH per CVSS 3.1 metrics, and ...

7.8CVSS7.4AI score0.00422EPSS
CVE
CVE
added 2017/09/21 3:0 p.m.52 views

CVE-2017-10996

CVE-2017-10996 affects Qualcomm devices running CAF Android builds that use the Linux kernel. The vulnerability is an out-of-bounds access in c_show() caused by compat_hwcap_str[] not being NULL-terminated. The issue could cause device crashes/reboots (memory violation/out-of-bounds access). The ...

7.1CVSS6AI score0.00432EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.52 views

CVE-2017-11016

CVE-2017-11016 affects Android on MSM/CAF/Linux kernel variants, specifically when memory allocation fails during create_cal_block in calibration handling, leaving stale pointers. Connected Android bulletin detail positions CVE-2017-11016 under Qualcomm components for Pixel/Nexus devices and clas...

7.8CVSS7.1AI score0.00138EPSS
CVE
CVE
added 2017/11/16 10:0 p.m.52 views

CVE-2017-11023

Technical details (affected products, versions, root cause, and fixes) are not publicly provided in the supplied documents. Monitor for updates.

7.8CVSS7.1AI score0.00138EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.52 views

CVE-2017-11044

The CVE-2017-11044 entry involves Android for MSM, Firefox OS for MSM, and QRD Android on CAF Linux kernel builds, where a race condition in a KGSL driver function can cause a Use-After-Free condition. The vulnerability is tied to a race in a KGSL driver path, leading to potential memory misuse. ...

7CVSS6.4AI score0.00098EPSS
CVE
CVE
added 2017/10/10 8:0 p.m.52 views

CVE-2017-11050

CVE-2017-11050 concerns Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernels. The description indicates that when the pktlogconf tool provides a pktlog buffer smaller than the minimal possible source data size in the host driver, a potential buffer overflow can occu...

7.8CVSS7.4AI score0.00163EPSS
CVE
CVE
added 2017/10/10 8:0 p.m.52 views

CVE-2017-11063

CVE-2017-11063 describes a race condition between two userspace processes that interact with a driver in Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF/Linux kernel. The race condition can lead to a null pointer dereference, i.e., a potential crash; exploitation details, af...

5.9CVSS5.8AI score0.00473EPSS
CVE
CVE
added 2018/01/16 4:0 p.m.52 views

CVE-2017-11072

Summary: CVE-2017-11072 corresponds to an elevation-of-privilege vulnerability in Android's Partition table updater, affecting Google Pixel/Nexus devices. Affected component: Partition table updater in Android on CAF/Kernel stack with GPT header processing. Root cause: Buffer overflow when calcul...

7.8CVSS7.4AI score0.00137EPSS
CVE
CVE
added 2017/12/06 2:0 p.m.52 views

CVE-2017-13158

CVE-2017-13158 is an information-disclosure vulnerability in Android's activitymanagerservice affecting Android 5.1.1 through 8.0 (including 8.0). The issue is a information disclosure vulnerability in the System component that could expose data to an attacker. CVSSv3 base score 7.5 (NETWORK, LOW...

7.8CVSS6.9AI score0.00583EPSS
CVE
CVE
added 2017/12/06 2:0 p.m.52 views

CVE-2017-13159

CVE-2017-13159 is an information-disclosure flaw in Android’s activitymanagerservice. The Android Security Bulletin (Dec 2017) lists it under the System component with bug ID A-32879772 and affected Android versions 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, and 8.0. Patch levels 2017-12-01 and 2017-1...

7.8CVSS6.9AI score0.00583EPSS
CVE
CVE
added 2017/12/06 2:0 p.m.52 views

CVE-2017-13174

CVE-2017-13174 is documented in the Android kernel (EDL) as an Elevation of Privilege issue. Connected sources confirm it is part of the 2017-12-05 patch level kernel fixes, but no detailed affected versions or explicit remediation steps are provided beyond this bulletin reference.

7.8CVSS7.4AI score0.0018EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.52 views

CVE-2017-13193

CVE-2017-13193 affects Android via the Media/HEVC decoding path. The issue is an infinite loop in ihevcd_decode.c triggered by an sps with an unsupported resolution, causing the same SPS to be fed repeatedly. This can lead to a remote denial of service on a critical system process with no user in...

7.8CVSS7.3AI score0.02173EPSS
CVE
CVE
added 2018/02/12 7:0 p.m.52 views

CVE-2017-13231

CVE-2017-13231 refers to an out-of-bounds write in libmediadrm on Android 8.0 and 8.1 caused by improper input validation, enabling local elevation of privilege without user interaction. In the connected Android security bulletin, this issue is listed under the Media framework with a High impact ...

7.8CVSS7.5AI score0.00176EPSS
CVE
CVE
added 2018/04/04 5:0 p.m.52 views

CVE-2017-13263

CVE-2017-13263 affects the Android framework (Android 8.0 and 8.1). The incident is classified as an Elevation of Privilege (EoP) in the framework; no specific root-cause technical details are provided in the documents. The accessible sources identify it under the Framework category with a Modera...

7.5CVSS7AI score0.00329EPSS
CVE
CVE
added 2018/04/04 4:0 p.m.52 views

CVE-2017-13290

CVE-2017-13290 affects Android: the issue is an out-of-bounds read in sdp_server_handle_client_req within sdp_server.cc, caused by a missing bounds check. This leads to local information disclosure with no privileges required and no user interaction. Versions impacted include Android 6.0–8.1. The...

6.2CVSS5.8AI score0.00169EPSS
CVE
CVE
added 2018/03/15 9:0 p.m.52 views

CVE-2017-14882

CVE-2017-14882 affects Android for MSM, Firefox OS for MSM, QRD Android, and CAF Linux-kernel builds. The issue stems from processing a VENDOR specific action frame in lim_process_action_vendor_specific(), where the incoming action frame body is length-validated, allowing potential out-of-bounds ...

7.8CVSS7.1AI score0.01035EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.52 views

CVE-2017-14893

CVE-2017-14893 involves a potential buffer over-read during flashing a meta image in Android CAF builds (Android for MSM, Firefox OS for MSM, QRD Android) via the Linux kernel, before the 2018-06-05 patch level. Root cause: image size smaller than the image header or header plus header entries tr...

5.5CVSS5.4AI score0.00166EPSS
CVE
CVE
added 2018/03/15 9:0 p.m.52 views

CVE-2017-15815

CVE-2017-15815 describes a potential buffer overflow in the WLAN processing path of Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel, specifically when handling 802.11 MGMT frames (e.g., Auth) inside limProcessAuthFrame. The issue is triggered during processing o...

10CVSS9AI score0.01468EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.52 views

CVE-2017-15823

The CVE-2017-15823 entry affects Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, where spectral_create_samp_msg() may mishandle firmware values, potentially causing a buffer overflow. The description notes improper validation of firmware values as the root cause. No exploi...

7.8CVSS7.5AI score0.00186EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.52 views

CVE-2017-15826

The CVE-2017-15826 entry describes a race condition in the MDSS rotator used in Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-10-20, potentially enabling a double-free when two threads free the same perf structures. The NVD entry confirms a LOCAL attack with medium complexity...

7.8CVSS7.3AI score0.00127EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.52 views

CVE-2017-15837

CVE-2017-15837 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds in CAF-derived Linux kernels prior to 2018-04-05. The issue is a missing NL80211_PKTPAT_OFFSET policy, which can cause a buffer over-read in nla_get_u32(). Impact is a partial confidentiality risk with no ...

5.3CVSS4.9AI score0.00362EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.52 views

CVE-2017-15852

CVE-2017-15852 is an information-disclosure vulnerability affecting Qualcomm MSM camera components, specifically an ISPIF/base address exposure in the camera driver (Framebuffer path referenced in Pixel/Qualcomm mappings). The NVD entry describes an information leak of the ISPIF base address that...

7.8CVSS7.3AI score0.00158EPSS
CVE
CVE
added 2018/02/23 11:0 p.m.52 views

CVE-2017-15860

CVE-2017-15860 affects Qualcomm WLAN in Android CAF builds using the Linux kernel. In these releases, processing an encrypted authentication management frame can trigger a stack buffer overflow in the Qualcomm component, with the Android bulletin listing this as a Remote Code Execution (RCE) vuln...

9.3CVSS7.6AI score0.00387EPSS
CVE
CVE
added 2018/03/16 10:0 p.m.52 views

CVE-2017-18059

CVE-2017-18059 affects Qualcomm WLAN/WMA on Android platforms (Android for MSM, Firefox OS for MSM, QRD Android) with CAF Linux kernel. The root cause is improper input validation of the vdev id in wma_scan_event_callback() (received from firmware), which can lead to an out-of-bounds memory read....

7.5CVSS7.1AI score0.00542EPSS
CVE
CVE
added 2018/03/16 10:0 p.m.52 views

CVE-2017-18065

CVE-2017-18065 corresponds to a Qualcomm Wma component Elevation of Privilege vulnerability in Android for MSM/CAFLinux-based builds. The issue arises from improper input validation of vent->vdev_id in wma_action_frame_filter_mac_event_handler(), which is sourced from firmware, allowing arbitr...

7.8CVSS7.5AI score0.00184EPSS
CVE
CVE
added 2018/03/15 9:0 p.m.52 views

CVE-2017-18067

CVE-2017-18067 affects the Qualcomm Wireless network driver in Android Qualcomm components (CAF/Linux-based Android releases). The root cause is improper input validation when processing an encrypted authentication management frame (lim_send_auth_mgmt_frame()), leading to a buffer overflow. The d...

10CVSS9AI score0.03066EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.52 views

CVE-2017-18159

CVE-2017-18159 affects CAF Android builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android). The issue is an out-of-bounds access when processing a StrHwPlatform whose length is smaller than EFICHIPINFO_MAX_ID_LENGTH, leading to a local, high-severity impact (CVSS 2.0/3.0:...

7.8CVSS7.3AI score0.00239EPSS
CVE
CVE
added 2020/04/08 1:4 p.m.52 views

CVE-2017-18645

CVE-2017-18645 affects Samsung mobile devices with M(6.x) and N(7.x) Qualcomm chipsets. The issue is a panel_lpm sysfs stack-based buffer overflow in the software, with CVSSv3.1/2.0 vectors indicating a network attack vector, low complexity, no authentication, and high confidentiality, integrity,...

9.8CVSS9.5AI score0.0044EPSS
CVE
CVE
added 2020/04/08 12:59 p.m.52 views

CVE-2017-18646

This CVE reports a bypass of the password requirement for tablet user switching on Samsung mobile devices running M(6.x) and N(7.x) software. The underlying issue allows an attacker to bypass protection by folding the magnetic cover, as described in multiple sources (Samsung ID SVE-2017-10602). C...

4.6CVSS5AI score0.00129EPSS
CVE
CVE
added 2020/04/07 3:35 p.m.52 views

CVE-2017-18663

CVE-2017-18663 affects Samsung mobile devices running N(7.x). Root cause: missing Intent exception handling causes a NullPointerException in system_server, potentially crashing a system process. Samsung identifiers: SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, SVE-2017-9126 (July 2017). Connected...

7.5CVSS7.6AI score0.00415EPSS
CVE
CVE
added 2020/04/07 2:32 p.m.52 views

CVE-2017-18678

CVE-2017-18678 affects Samsung mobile devices running KK(4.4) to N(7.x). The issue allows an attacker to crash system processes via a Serializable object due to missing exception handling. Reported Samsung internal identifiers are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SV...

7.5CVSS7.5AI score0.00415EPSS
CVE
CVE
added 2020/04/07 2:22 p.m.52 views

CVE-2017-18683

Technical details of CVE-2017-18683 are not publicly available in the provided documents. The entries reference Samsung devices and SVoice behavior but do not specify affected components, root cause, impact, or remediation. Monitor for updates.

9.8CVSS9.4AI score0.00443EPSS
CVE
CVE
added 2020/04/07 2:21 p.m.52 views

CVE-2017-18684

CVE-2017-18684 affects Samsung mobile devices running Lollipop 5.0/5.1 and Marshmallow 6.0 (SVoice). The issue allows a provider seizure via an application that uses a custom provider, as described in the Red Hat and NVD entries. The exact root cause details are not fully disclosed in the provide...

9.8CVSS9.3AI score0.00443EPSS
CVE
CVE
added 2017/06/29 3:0 p.m.52 views

CVE-2017-3750

On Lenovo VIBE phones, the Lenovo Security Android app allows private data to be backed up and restored via Android Debug Bridge, enabling tampering that leads to privilege escalation when exploited with CVE-2017-3748 and CVE-2017-3749. The root cause is described as improper access controls on t...

6.9CVSS6.6AI score0.00143EPSS
CVE
CVE
added 2017/11/14 4:0 p.m.52 views

CVE-2017-6275

CVE-2017-6275 affects NVIDIA Tegra kernel CORE DVFS Thermal driver. The vulnerability arises from missing bounds checking in the thermal driver, enabling reading/writing of memory beyond buffer boundaries, potentially causing denial of service or privilege escalation. Public details in connected ...

7.5CVSS6.6AI score0.00412EPSS
CVE
CVE
added 2018/02/06 1:0 p.m.52 views

CVE-2017-6279

CVE-2017-6279 affects NVIDIA Tegra OpenMax component OMX.Nvidia.aac.decoder in the Android media framework. The vendor bulletin notes the component is not actively used or maintained, and that disabling dead code to avoid malicious software can allow instantiation of this component, potentially l...

7.8CVSS7.8AI score0.00157EPSS
CVE
CVE
added 2018/03/12 1:0 p.m.52 views

CVE-2017-6285

CVE-2017-6285 affects NVIDIA libnvrm within Android on Pixel/Nexus devices, caused by a missing bounds check that enables a local information-disclosure through an out-of-bounds read. The vulnerability is listed under NVIDIA components in the Pixel/Nexus 2018-03-01 bulletin; mitigation requires p...

5.5CVSS5.3AI score0.00132EPSS
CVE
CVE
added 2018/03/12 1:0 p.m.52 views

CVE-2017-6286

The CVE-2017-6286 issue affects NVIDIA libnvomx in Android and involves a possible out-of-bounds write due to a missing bounds check, enabling local escalation of privilege. Affected component: NVIDIA libnvomx (Android). Impact: local privilege escalation with potential arbitrary code execution w...

7.8CVSS7.5AI score0.00158EPSS
CVE
CVE
added 2018/06/07 7:0 p.m.52 views

CVE-2017-6294

CVE-2017-6294 is an NVIDIA TLK TrustZone OS issue in the logging driver for Tegra X1 TZ (TLK TrustZone OS). The vulnerability could allow arbitrary code execution, DoS, or privilege escalation with local access. Affected: SHIELD TV on Android; vulnerable component is the TLK TrustZone OS logging ...

7.8CVSS7.6AI score0.00159EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.52 views

CVE-2017-8239

CVE-2017-8239 is an information-disclosure issue in the Camera driver on Android devices (Qualcomm components) listed under the 2017 Pixel/Nexus bulletin. The vulnerability is categorized as ID with moderate severity in the camera driver, with no exploitation details provided in the available doc...

5.5CVSS6AI score0.0038EPSS
CVE
CVE
added 2017/10/10 8:0 p.m.52 views

CVE-2017-9683

CVE-2017-9683 describes an integer overflow in Android for MSM/CAF Linux kernel when flashing a meta image if user-supplied image offset/size are too large. Affected: Android for MSM, Firefox OS for MSM, QRD Android with CAF Linux kernel (all CAF-based Android releases). Root cause: integer overf...

7.8CVSS7.3AI score0.00158EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.52 views

CVE-2017-9692

CVE-2017-9692 is tracked in multiple sources with a concrete reference to the Graphics driver in Google device updates, listing DoS (local) as the vulnerability type. The issue is described as a NULL pointer dereference that can occur when an atomic commit is issued on a writeback panel with a NU...

7.8CVSS7.4AI score0.00198EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.52 views

CVE-2017-9700

CVE-2017-9700 affects Android-on-MSM variants (CAFs/Linux kernel-based Android builds) where a 64-character image name can trigger a buffer overwrite in fw_name_store. The vulnerability is rooted in image-name handling within the fw_name_store path, impacting Android for MSM, Firefox OS for MSM, ...

7.8CVSS7.2AI score0.00138EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.52 views

CVE-2018-11299

CVE-2018-11299 affects CAF WLAN host driver in Android/Linux kernel: when WLAN firmware does not fill the vdev id correctly in stats events, the driver may access an interface array without proper bounds checking, causing invalid memory access and potentially kernel panic or page fault. Connected...

7.8CVSS7.2AI score0.00203EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.52 views

CVE-2018-11843

CVE-2018-11843 affects Qualcomm WLAN host components; the issue is use-after-free caused by missing return-value checks in the WMA vdev start/response path. Documented as High severity with local attack vector in Qualcomm/Android bulletins; patches are available in the 2020-01 Android security bu...

7.8CVSS8AI score0.00177EPSS
CVE
CVE
added 2020/04/08 5:12 p.m.52 views

CVE-2018-21076

CVE-2018-21076 concerns Samsung mobile devices with N(7.x) Exynos8890/8895 SoCs, where a modified trustlet in the Secure Driver can disclose a KASLR offset. The core issue is information disclosure rather than code execution, with a local access vector implied by the need to interact with the Sec...

5.5CVSS5.3AI score0.00134EPSS
CVE
CVE
added 2020/04/08 5:11 p.m.52 views

CVE-2018-21077

CVE-2018-21077 affects Samsung mobile devices running Android M(6.0), N(7.x), and O(8.x). The issue is a clipboard content disclosure in the locked state when the keyboard may be used during an emergency call. Samsung internal ID: SVE-2017-11107 (April 2018). Public details: CVSSv3.1 base score 2...

2.4CVSS4.1AI score0.00139EPSS
CVE
CVE
added 2018/06/06 9:0 p.m.52 views

CVE-2018-3562

CVE-2018-3562: A buffer over-read can occur while processing a FILS authentication frame in Android CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux kernel. Documented in NVD as a DoS vulnerability within WLAN, with local attack vector and availability impact. Affected: Andr...

7.1CVSS4.9AI score0.00321EPSS
CVE
CVE
added 2018/05/17 10:0 p.m.52 views

CVE-2018-3567

CVE-2018-3567 is a WLAN buffer overflow affecting Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds leveraging CAF on Linux kernels before 2018-04-05. The vulnerability arises in WLAN when processing HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages (root cause:...

7.8CVSS7.4AI score0.00193EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.52 views

CVE-2018-5832

CVE-2018-5832 infers a race condition in a camera driver ioctl handler on CAF Android builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android). The root cause is a Use-After-Free condition triggered by a race in the driver path prior to the security patch level 2018-06-05....

7CVSS6.5AI score0.00129EPSS
Total number of security vulnerabilities8153