Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid

525 matches found

CVE
CVEadded 2016/07/11 2:0 a.m.28 views

CVE-2016-3760

Bluetooth in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows local users to gain privileges by establishing a pairing that remains present during a session of the primary user, aka internal bug 27410683.

7.5CVSS7.3AI score0.00053EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.28 views

CVE-2016-3774

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008609 and MediaTek internal bug ALPS02703102.

9.3CVSS7.5AI score0.00043EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.28 views

CVE-2016-3795

The MediaTek power driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085222 and MediaTek internal bug ALPS02677244.

9.3CVSS7.5AI score0.00043EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.28 views

CVE-2016-3807

The serial peripheral interface driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28402196.

9.3CVSS7.5AI score0.00043EPSS
CVE
CVEadded 2016/08/05 8:59 p.m.28 views

CVE-2016-3825

mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, aka internal bug 28816964.

7.8CVSS7.5AI score0.00023EPSS
CVE
CVEadded 2016/08/05 8:59 p.m.28 views

CVE-2016-3829

The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29023649.

7.1CVSS5.7AI score0.00192EPSS
CVE
CVEadded 2016/08/05 8:59 p.m.28 views

CVE-2016-3853

Google Play services in Android before 2016-08-05 on Nexus devices allow local users to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26803208.

5.5CVSS5.7AI score0.00012EPSS
CVE
CVEadded 2016/09/11 9:59 p.m.28 views

CVE-2016-3859

The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28815326 and Qualcomm internal bug CR1034641.

9.3CVSS7.5AI score0.00071EPSS
CVE
CVEadded 2016/11/25 4:59 p.m.28 views

CVE-2016-3907

An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderat...

5.5CVSS5.1AI score0.00072EPSS
CVE
CVEadded 2016/12/13 7:59 p.m.28 views

CVE-2016-6722

An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is ra...

5.5CVSS5.3AI score0.00091EPSS
CVE
CVEadded 2016/07/11 1:59 a.m.27 views

CVE-2016-3749

server/LockSettingsService.java in LockSettingsService in Android 6.x before 2016-07-01 allows attackers to modify the screen-lock password or pattern via a crafted application, aka internal bug 28163930.

8.4CVSS7.6AI score0.00019EPSS
CVE
CVEadded 2016/07/11 1:59 a.m.27 views

CVE-2016-3757

The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafted application that attempts to list a long name of a memory-mapped file, aka internal bug 28175237. ...

7CVSS7AI score0.00014EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.27 views

CVE-2016-3767

The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28169363 and MediaTek internal bug ALPS02689526.

9.3CVSS7.5AI score0.00043EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.27 views

CVE-2016-3798

The MediaTek hardware sensor driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28174490 and MediaTek internal bug ALPS02703105.

9.3CVSS7.5AI score0.00043EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.27 views

CVE-2016-3804

The MediaTek power management driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28332766 and MediaTek internal bug ALPS02694410.

9.3CVSS7.5AI score0.00043EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.27 views

CVE-2016-3811

The kernel video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28447556.

9.3CVSS7.3AI score0.00043EPSS
CVE
CVEadded 2016/08/05 8:59 p.m.27 views

CVE-2016-3833

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712.

9.3CVSS7.2AI score0.00053EPSS
CVE
CVEadded 2016/08/05 8:59 p.m.27 views

CVE-2016-3843

Android before 2016-08-05 does not properly restrict code execution in a kernel context, which allows attackers to gain privileges via a crafted application, as demonstrated by the kernel performance subsystem and the Qualcomm performance component, aka Android internal bugs 28086229 and 29119870 a...

9.3CVSS7.7AI score0.00173EPSS
CVE
CVEadded 2016/09/11 9:59 p.m.27 views

CVE-2016-3870

omx/SimpleSoftOMXComponent.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not prevent input-port changes, which allows attackers to gain privileges via a crafted application, aka interna...

9.3CVSS7.4AI score0.00135EPSS
CVE
CVEadded 2016/03/12 9:59 p.m.26 views

CVE-2016-0831

The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitive information via a crafted application, aka inte...

5.5CVSS5.5AI score0.00125EPSS
CVE
CVEadded 2016/07/11 2:0 a.m.26 views

CVE-2016-3769

The NVIDIA video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28376656.

9.3CVSS7.5AI score0.00043EPSS
CVE
CVEadded 2016/08/05 8:59 p.m.26 views

CVE-2016-3837

service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application that provides a MAC address with too few characters, aka internal bug 28164077.

5.5CVSS5.5AI score0.00154EPSS
CVE
CVEadded 2016/11/25 4:59 p.m.26 views

CVE-2016-6714

A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A...

7.1CVSS5.7AI score0.00128EPSS
CVE
CVEadded 2016/10/10 10:59 a.m.25 views

CVE-2016-6679

CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a setwpaie ioctl call, aka Android internal bug 29915601 and Qualcomm internal bug CR 1...

5.5CVSS5.8AI score0.00108EPSS
CVE
CVEadded 2016/10/10 11:0 a.m.25 views

CVE-2016-6693

sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585.

9.8CVSS9.5AI score0.00217EPSS
Total number of security vulnerabilities525