Lucene search
K
GoogleAndroid

8205 matches found

CVE
CVE
added 2018/02/12 7:0 p.m.49 views

CVE-2017-13244

CVE-2017-13244 is an Elevation of Privilege (EoP) flaw in the Android kernel Easel driver. The upstream kernel Easel component is affected, enabling privilege escalation on Android devices. The issue is classified as EoP with Moderate severity in the Pixel/Nexus bulletin, and addressed by patch l...

7.8CVSS6.8AI score0.00154EPSS
CVE
CVE
added 2018/04/04 5:0 p.m.49 views

CVE-2017-13268

The CVE-2017-13268 entry corresponds to an Information Disclosure in the Android system Bluetooth stack. Affected Android versions include 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. The issue is categorized as a System vulnerability with Moderate severity in the Pixel/Android bulletin. P...

4.3CVSS4.2AI score0.00195EPSS
CVE
CVE
added 2018/04/04 4:0 p.m.49 views

CVE-2017-13274

CVE-2017-13274 affects Android Runtime: UriTest.getHost() may misdetermine the web origin, enabling incorrect security decisions. Affected: Android 6.0–8.1. Impact described as high/critical (CVSS 3.0: 9.8; base vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Exploitation requires no user i...

9.8CVSS8.1AI score0.00543EPSS
CVE
CVE
added 2018/04/04 4:0 p.m.49 views

CVE-2017-13288

CVE-2017-13288 affects Android 8.0 and 8.1, with a vulnerability in writeToParcel/readFromParcel of the PeriodicAdvertisingReport.java file caused by a 64/32-bit int mismatch. This leads to a permission bypass and potential local elevation of privilege by starting an activity with system privileg...

7.8CVSS7.7AI score0.00197EPSS
CVE
CVE
added 2018/04/04 4:0 p.m.49 views

CVE-2017-13296

CVE-2017-13296 is an information-disclosure vulnerability in the Android media framework (libavc). Affected Product/Component: Android media framework (libavc) across Android versions 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Root cause: information disclosure within libavc leads to partial confid...

5.3CVSS4.8AI score0.00347EPSS
CVE
CVE
added 2018/04/04 4:0 p.m.49 views

CVE-2017-13298

CVE-2017-13298 is an information-disclosure vulnerability in Android’s media framework (libhavc) affecting Android 6.0–8.1. The issue is described as information disclosure; no specifics on root cause are provided in the initial text. Connected sources indicate the vulnerability affected Pixel/Ne...

5.3CVSS4.8AI score0.00347EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.49 views

CVE-2017-14876

The CVE-2017-14876 vulnerability affects Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-06-21. The root cause is a lack of bounds checking on params->entries[i].vfe_intf in msm_ispif_config_stereo(), which can lead to a kernel out-of-bounds write. Exploitation status is not...

9.8CVSS8.8AI score0.00605EPSS
CVE
CVE
added 2017/12/05 7:0 p.m.49 views

CVE-2017-14918

CVE-2017-14918 is documented in multiple sources as a Use-After-Free vulnerability affecting Android on MSM platforms, specifically in the GPS location wireless interface. In the Qualcomm closed-source components section, it is listed with High severity for a closed-source component. The Connecte...

10CVSS7.7AI score0.00726EPSS
CVE
CVE
added 2018/03/16 10:0 p.m.49 views

CVE-2017-15814

The connected CNVD-2018-06014 entry describes an information-disclosure vulnerability in Google's Android Qualcomm Camera_v2 driver, caused by insufficient input validation in the driver. The issue is tied to the Camera_v2 components on Android devices using Qualcomm hardware and enables local in...

4.4CVSS4.5AI score0.00165EPSS
CVE
CVE
added 2018/12/07 2:0 p.m.49 views

CVE-2017-15835

CVE-2017-15835 affects Android variants (Android for MSM, Firefox OS for MSM, QRD Android) built on CAF with the Linux kernel. The issue lies in how the RIC Data Descriptor IE is processed in an artificially crafted 802.11 frame where the IE length exceeds 255, which may trigger an infinite loop ...

6.5CVSS6.3AI score0.00222EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.49 views

CVE-2017-15846

The CVE-2017-15846 entry affects the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-09-16. Root cause: an untrusted pointer dereference in video_ioctl2() could occur. Impact per sources is potentially high (partial to full confidentiality, integrity, and avail...

7.8CVSS7.4AI score0.0016EPSS
CVE
CVE
added 2018/01/10 7:0 p.m.49 views

CVE-2017-15849

CVE-2017-15849 affects Qualcomm Display in Android/CAF builds for MSM, where a LayerStack can be destroyed between Validate and Commit by the application, causing a Use-After-Free condition. The issue is described in multiple sources (NVD entry and related CVEs) as a high-severity (EoP) vulnerabi...

9.3CVSS7.2AI score0.00614EPSS
CVE
CVE
added 2020/04/07 3:43 p.m.49 views

CVE-2017-18657

CVE-2017-18657 concerns Samsung mobile devices running M(6.0)/N(7.x) software. The issue is an arbitrary write in a trustlet (Samsung ID SVE-2017-8893). Connected documents (Red Hat, NVD/NVD mirror, CVE lists) corroborate the same root cause description, with no publicly detailed exploit or affec...

5.3CVSS5.5AI score0.00302EPSS
CVE
CVE
added 2020/04/07 2:39 p.m.49 views

CVE-2017-18673

CVE-2017-18673 affects Samsung mobile devices running N(7.x) software. The issue allows an attacker to disable the Location service on a locked device, preventing the rightful owner from locating a stolen device. The Samsung ID is SVE-2017-8524 (May 2017). Public documents do not provide details ...

2.4CVSS4.1AI score0.00133EPSS
CVE
CVE
added 2020/04/07 2:38 p.m.49 views

CVE-2017-18674

CVE-2017-18674 affects Samsung mobile devices running Android N (7.0); the Timaservice time service is susceptible to a kernel panic. The issue is associated with Samsung ID SVE-2017-8593, May 2017. CVSS indicates network attack vector with low privileges required and high availability impact. Th...

7.8CVSS7.4AI score0.00422EPSS
CVE
CVE
added 2020/04/07 2:37 p.m.49 views

CVE-2017-18675

CVE-2017-18675 affects Samsung mobile devices on M(6.0)/N(7.x) with Exynos7420/Exynos8890. The issue is in the Camera application, which can leak uninitialized memory via the ion subsystem. The Red Hat and NVD records reiterate the same description; no additional exploit details, affected version...

7.5CVSS7.6AI score0.00415EPSS
CVE
CVE
added 2020/04/07 2:34 p.m.49 views

CVE-2017-18676

CVE-2017-18676 affects Samsung mobile devices running Android N (7.0) on Qualcomm chipsets and is described as an RKP kernel protection bypass caused by a lack of MSR trapping, enabling potential unwanted memory mappings. The issue is tied to Samsung ID SVE-2016-7901 (April 2017). Connected docum...

7.5CVSS7.5AI score0.00364EPSS
CVE
CVE
added 2018/04/04 6:0 p.m.49 views

CVE-2017-6426

CVE-2017-6426 is a documented information-disclosure vulnerability in the Qualcomm SPMI driver (Android kernel). A local-attack requires user interaction and could let a malicious local app access data outside its permission levels. Affected are Pixel and Pixel XL devices per the CVE list. The so...

4.3CVSS4.7AI score0.00421EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.49 views

CVE-2017-7367

CVE-2017-7367 concerns an integer underflow in the boot image processing path on Android CAF builds using the Linux kernel. The available connected documents identify this as a DoS-type issue (bootloader component) with a high-severity impact profile. The exact affected products, versions, and fi...

9.3CVSS7.5AI score0.00363EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.49 views

CVE-2017-7373

CVE-2017-7373 affects Android CAF builds using the Linux kernel display/video driver, describing a double‑free flaw. The Android bulletin attributes EoP potential to this issue and notes patches in the 2017-06-05 security update; apply the corresponding updates to mitigate.

9.3CVSS7.5AI score0.0041EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.49 views

CVE-2017-8257

CVE-2017-8257 affects Qualcomm CAF Android devices using the Linux kernel, specifically the sde_rotator debug interface. The issue arises when multiple processes read registers and one process frees the debug buffer while another still uses it, creating a use-after-free-like condition. The NVD re...

7.8CVSS7.4AI score0.00283EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.49 views

CVE-2017-8268

CVE-2017-8268 affects Qualcomm components in Android CAF builds using the Linux kernel. The camera application can request frame/command buffer operations with invalid values, causing the camera driver to perform a heap buffer over-read. Documented impact is high (CVSSv3: 7.8; CVSSv2: 9.3). The v...

9.3CVSS7.4AI score0.0046EPSS
CVE
CVE
added 2017/08/18 7:0 p.m.49 views

CVE-2017-9679

CVE-2017-9679 affects Qualcomm products with Android CAF/Linux kernel. The issue arises when a userspace string is not NULL-terminated, allowing kernel memory contents to leak to system logs. This constitutes an information disclosure risk (partial confidentiality impact) as described in the vuln...

7.5CVSS6.9AI score0.00519EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.49 views

CVE-2017-9709

CVE-2017-9709 is a privilege-escalation issue in telephony affecting Android for MSM/CAF Linux-kernel builds. Affected components are telephony-related in Android variants (Android for MSM, Firefox OS for MSM, QRD Android) with CAF kernel usage. The vulnerability is described as enabling elevatio...

9.8CVSS8.8AI score0.00442EPSS
CVE
CVE
added 2017/10/10 8:0 p.m.49 views

CVE-2017-9715

The CVE-2017-9715 entry describes a buffer over-read in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android releases using the Linux kernel when processing a vendor command. The underlying vulnerability is a buffer over-read (noted as an information disclosure risk) with affected co...

7.5CVSS7AI score0.00514EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.49 views

CVE-2017-9723

CVE-2017-9723 affects the synaptics_dsx touchscreen driver used in Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-06-05. The issue arises because a stack-allocated buffer size can be set to exceed the size of the stack, enabling a stack-based overflow. The connected documents ...

7.8CVSS7.4AI score0.00172EPSS
CVE
CVE
added 2018/09/06 2:0 p.m.49 views

CVE-2018-11263

CVE-2018-11263 concerns CAF-derived Android WLAN code in the Linux kernel used on Android for MSM, Firefox OS for MSM, and QRD Android. The issue arises when the radio_id received from the FW is greater than or equal to the maximum, allowing an out-of-bounds write while copying radio stats. The v...

8.8CVSS8.2AI score0.00474EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.49 views

CVE-2018-11276

CVE-2018-11276 is a kernel-level vulnerability in the CAF Qualcomm Linux kernel used by Android for MSM, Firefox OS for MSM, and QRD Android. The issue is a double free of memory during driver probe failure, where memory allocated is freed twice, risking kernel instability or a crash. Documented ...

7.8CVSS7.4AI score0.00187EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.49 views

CVE-2018-11297

CVE-2018-11297 affects Qualcomm WLAN Host in Android (CAF/Linux kernel-based builds such as Android for MSM) where the WMA NDP event handler can over-read due to missing validation of input value event_info received from firmware. This is described as a buffer over-read/overflow in the WLAN Host ...

7.8CVSS7.4AI score0.00197EPSS
CVE
CVE
added 2020/04/08 5:28 p.m.49 views

CVE-2018-21063

Technical details about CVE-2018-21063 are not publicly available in the provided documents. Monitor for updates from vendors (e.g., Red Hat, CVE databases) and check for any new advisories or patches.

10CVSS9.4AI score0.00564EPSS
CVE
CVE
added 2020/04/08 1:30 p.m.49 views

CVE-2018-21089

CVE-2018-21089 affects Samsung mobile devices running N(7.x) on MT6755/MT6757 Mediatek chipsets. The root cause is an integer overflow in the bootloader related to the download offset control, enabling arbitrary code execution. The entry notes a Samsung ID SVE-2017-10732 (Jan 2018). Impact is des...

10CVSS9.8AI score0.00831EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.49 views

CVE-2018-3569

CVE-2018-3569 is a Qualcomm WLAN Host vulnerability classified as Elevation of Privilege (EoP) and rated Critical in the 2018-06-05 Android patch set. The issue is a buffer over-read during certain firmware/wlan operations, exposed on CAF Android releases (Android for MSM, Firefox OS for MSM, QRD...

7.8CVSS7.3AI score0.00199EPSS
CVE
CVE
added 2018/07/06 7:0 p.m.49 views

CVE-2018-3570

CVE-2018-3570 refers to a vulnerability in the cpuidle driver used by CAF Android builds (Android for MSM, Firefox OS for MSM, QRD Android) that rely on the Linux kernel. The issue arises from incorrect use of the list_for_each macro, which could lead to an untrusted pointer dereference. Connecte...

7.8CVSS7.1AI score0.00168EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.49 views

CVE-2018-5831

CVE-2018-5831 affects the KGSL driver in CAF Android builds that use the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android). The vulnerability stems from a reference counting error that can trigger a Use-After-Free condition. The impact is described in the Android/CAF context as a lo...

7.8CVSS7.2AI score0.00193EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.49 views

CVE-2018-9355

CVE-2018-9355 affects the Android system component and is described as an out-of-bounds stack write in the function path bta_dm_sdp_result of bta_dm_act.cc, caused by a missing bounds check. The vulnerability could enable remote code execution with no privileges and no user interaction, as report...

10CVSS8.8AI score0.02959EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.49 views

CVE-2018-9438

CVE-2018-9438 affects Android 8.1 (Framework) where devices connected only over WiFi VPN may fail to receive security updates due to incorrect checks, causing local denial of service of security updates. Exploitation requires user interaction; no remote code execution is indicated. The Android Se...

5CVSS5.3AI score0.00192EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.49 views

CVE-2018-9455

CVE-2018-9455 affects Android 6.0–8.1. The issue is an out-of-bounds read in sdpu_extract_attr_seq within sdp_utils.cc, caused by an incorrect bounds check, enabling remote denial of service without user interaction. The Android bulletin lists CVE-2018-9455 under System DoS with patch level 2018-...

7.8CVSS6.6AI score0.0156EPSS
CVE
CVE
added 2024/11/20 5:43 p.m.49 views

CVE-2018-9483

CVE-2018-9483 concerns a vulnerability in Android’s Bluetooth stack, specifically in the function bta_dm_remove_sec_dev_entry within bta_dm_act.cc . The issue is a possible out-of-bounds read caused by a use-after-free, which could allow remote information disclosure over Bluetooth without extra ...

6.5CVSS6.3AI score0.00144EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.49 views

CVE-2018-9496

CVE-2018-9496 affects Android 9.0; vulnerability in ixheaacd_real_synth_fft_p3 within ixheaacd_esbr_fft.c causes an out-of-bounds write due to a missing bounds check, enabling remote code execution with user interaction. Exploitation details are not provided in the connected documents beyond this...

9.3CVSS7.9AI score0.01822EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.49 views

CVE-2018-9511

CVE-2018-9511 affects Android 9.0 and relates to ipSecSetEncapSocketOwner in XfrmController.cpp. The issue is a potential failure to initialize a security feature due to uninitialized data, which could enable local denial of service (DoS) on IPsec sockets without additional privileges or user int...

5.5CVSS5.4AI score0.00217EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.49 views

CVE-2018-9528

CVE-2018-9528 affects ixheaacd_over_lap_add1_armv8: in ixheaacd_overlap_add1.s, a missing bounds check allows an out-of-bounds write. This could enable remote code execution on Android 9 (Android-9) with user interaction required for exploitation. The vulnerability is tied to the ixheaacd compone...

8.8CVSS9AI score0.00727EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.49 views

CVE-2018-9532

Technical details about CVE-2018-9532 are not publicly available in the provided connected documents. The entry references an out-of-bounds write in ixheaacd_env_extr.c affecting Android-9, but no further technical specifics or fixes are disclosed here; monitor for updates.

8.8CVSS9AI score0.00727EPSS
CVE
CVE
added 2018/12/06 2:0 p.m.49 views

CVE-2018-9560

CVE-2018-9560 affects Android 9, in the HID stack. The issue is an out-of-bounds write in HID_DevAddRecord of hidd_api.cc caused by a missing bounds check, enabling local elevation of privilege in the Bluetooth service with no user interaction required. Impact is described as high (local EoP with...

7.8CVSS7.7AI score0.0016EPSS
CVE
CVE
added 2019/02/12 12:0 a.m.49 views

CVE-2018-9587

CVE-2018-9587 affects Android 7.0–9 (Android-7.0, -7.1.1, -7.1.2, -8.0, -8.1, -9). In ContactPhotoUtils.java (savePhotoFromUriToUri), a confused deputy scenario could allow unauthorized access to files in the Contacts app, enabling local elevation of privilege. The vulnerability is local (attack ...

7.3CVSS6.1AI score0.00193EPSS
CVE
CVE
added 2019/04/19 7:15 p.m.49 views

CVE-2019-2026

CVE-2019-2026 affects Android 8.0 Framework. In Editor.java’s updateAssistMenuItems, a missing permission check could allow local escalation of privilege and FRP bypass with no user interaction. The Android 2019-04-01 bulletin lists CVE-2019-2026 as a Framework EoP (High) issue for 8.0, indicatin...

7.8CVSS7.7AI score0.0015EPSS
CVE
CVE
added 2019/04/19 7:24 p.m.49 views

CVE-2019-2030

CVE-2019-2030 is an Android 9 local Elevation of Privilege flaw: a use-after-free in removeInterfaceAddress within NetworkController.cpp that could allow remote code execution in the context of a privileged process without user interaction. The Android security bulletin groups this under System v...

9.8CVSS9.1AI score0.00859EPSS
CVE
CVE
added 2020/03/24 6:25 p.m.49 views

CVE-2019-20558

CVE-2019-20558 concerns a Buffer Overflow in the Touch Screen Driver on Samsung mobile devices with N(7.x), O(8.x) and P(9.0) Exynos chipsets (Samsung ID SVE-2019-14990). Affected component: Touch Screen Driver. Root cause: buffer overflow. Impact per sources: CVSS3.1 base score 9.8 (CRITICAL) wi...

9.8CVSS9.4AI score0.0044EPSS
CVE
CVE
added 2020/03/24 6:41 p.m.49 views

CVE-2019-20573

CVE-2019-20573 affects Samsung mobile devices running N(7.x), O(8.x) and P(9.0). The issue is local SQL injection in the RCS Content Provider, with Samsung repair IDs SVE-2019-14059 and SVE-2019-14685 (August 2019). The NVD CVSS data indicates a high impact (CVSS3.1: Local, Privileges Required Lo...

7.8CVSS8AI score0.00168EPSS
CVE
CVE
added 2020/03/24 7:7 p.m.49 views

CVE-2019-20596

Samsung mobile devices running N(7.x) and O(8.x) software (Exynos chipsets) are affected by CVE-2019-20596 due to an information disclosure in the GateKeeper Trustlet. The data shows a vulnerability in a Trustlet component, leading to partial confidentiality impact with high severity in CVSS 3.1 ...

9.1CVSS8.7AI score0.00455EPSS
CVE
CVE
added 2020/03/24 7:10 p.m.49 views

CVE-2019-20599

Technical details for CVE-2019-20599 are not publicly available in the provided documents. The connected sources repeat the same description without concrete exploit, impact, vulnerable components, or fixes. Monitor for updates from official advisories.

7.5CVSS7.6AI score0.00333EPSS
Total number of security vulnerabilities8205