Android Security Vulnerabilities and Issues — Page 125 of Android CVE List

7.8CVSS8.1AI score0.00874EPSS

CVE-2016-6703

A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This iss...

7.1CVSS5.7AI score0.00269EPSS

CVE-2016-6713

A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A...

7.6CVSS7AI score0.00052EPSS

CVE-2016-6717

An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is...

CVE•added 2016/12/13 7:59 p.m.•33 views

CVE-2016-6720

An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is ra...

5.5CVSS5.3AI score0.0011EPSS

9.3CVSS7.4AI score0.0004EPSS

CVE-2016-6736

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which m...

CVE•added 2017/01/12 3:59 p.m.•33 views

CVE-2016-6764

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A...

7.1CVSS5.6AI score0.00145EPSS

CVE•added 2017/01/12 3:59 p.m.•33 views

CVE-2016-6788

An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android...

7.6CVSS6.8AI score0.00052EPSS

CVE•added 2017/01/27 5:59 p.m.•33 views

CVE-2016-8411

Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.

10CVSS8.7AI score0.00114EPSS

CVE•added 2017/01/12 8:59 p.m.•33 views

CVE-2016-8448

An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged proce...

7.6CVSS7AI score0.0004EPSS

CVE•added 2018/11/27 6:0 p.m.•33 views

CVE-2017-11078

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the boot image header, an out of bounds read can occur in boot.

7.8CVSS7.4AI score0.00018EPSS

7.8CVSS7.1AI score0.00101EPSS

CVE-2017-13186

A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65735716.

7.8CVSS7.3AI score0.02288EPSS

CVE-2017-13192

In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not...

7.5CVSS6.8AI score0.00123EPSS

CVE-2017-13200

An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526.

7.5CVSS6.8AI score0.00117EPSS

CVE-2017-13201

An information disclosure vulnerability in the Android media framework (mediadrm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63982768.

7.5CVSS6.8AI score0.0009EPSS

CVE-2017-13202

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67647856.

9.1CVSS7.1AI score0.00108EPSS

CVE-2017-13205

An information disclosure vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64550583.

CVE•added 2018/04/04 5:29 p.m.•33 views

CVE-2017-13264

A other vulnerability in the Android media framework (Avcdec). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70294343.

7.5CVSS7.2AI score0.00113EPSS

CVE•added 2018/04/04 4:29 p.m.•33 views

CVE-2017-13301

A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-66498711.

7.8CVSS7AI score0.00125EPSS

7.5CVSS7.1AI score0.00117EPSS

CVE-2017-14870

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked.

CVE•added 2018/03/30 9:29 p.m.•33 views

CVE-2017-14877

While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. If one thread sends an ioctl cmd IPA_IOC_QUERY_RT_TBL_INDEX while another sends an ioctl cmd IPA_IOC_DEL_RT_RULE, a use-after-free ...

9.8CVSS9.1AI score0.00208EPSS

CVE•added 2017/12/05 7:29 p.m.•33 views

CVE-2017-14914

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.

10CVSS7.7AI score0.00106EPSS

CVE•added 2017/12/05 5:29 p.m.•33 views

CVE-2017-15813

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overflow can occur while reading firmware logs.

9.8CVSS8.9AI score0.00177EPSS

7.8CVSS8.1AI score0.00026EPSS

CVE-2017-15818

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size.

7.8CVSS7.3AI score0.00027EPSS

CVE-2017-15845

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation.

7CVSS6.5AI score0.00022EPSS

CVE-2017-15847

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the SPCom kernel driver, a race condition exists when creating a channel.

CVE•added 2018/06/12 8:29 p.m.•33 views

CVE-2017-15854

The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD ...

7.8CVSS7.5AI score0.00019EPSS

CVE•added 2018/03/30 9:29 p.m.•33 views

CVE-2017-15859

While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-11 a buffer overrun occurs.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2018/03/30 9:29 p.m.•33 views

CVE-2017-17766

In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow.

9.8CVSS9.2AI score0.00191EPSS

CVE•added 2018/03/15 9:29 p.m.•33 views

CVE-2017-18064

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for p2p_noa_info in wma_send_bcn_buf_ll() which is received from firmware leads to potential buffer overflow.

7.8CVSS7.2AI score0.00029EPSS

CVE•added 2017/12/06 6:29 p.m.•33 views

CVE-2017-6262

NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID: A-38045794...

7CVSS7.1AI score0.00025EPSS

CVE•added 2018/04/04 6:29 p.m.•33 views

CVE-2017-6425

An information disclosure vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-32577085. References: QC-CR#1103689.

4.3CVSS4.7AI score0.00107EPSS

CVE•added 2017/08/18 6:29 p.m.•33 views

CVE-2017-8272

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write.

7.8CVSS7.2AI score0.00053EPSS

7.8CVSS7.1AI score0.00028EPSS

CVE-2017-9705

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping ...

CVE•added 2017/10/10 8:29 p.m.•33 views

CVE-2017-9717

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.

7.5CVSS7.2AI score0.00111EPSS

CVE•added 2017/12/05 5:29 p.m.•33 views

CVE-2017-9722

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when updating custom EDID (hdmi_tx_sysfs_wta_edid), if edid_size, which is controlled by userspace, is too large, a buffer overflow occurs.

7.8CVSS7.4AI score0.00017EPSS

5.5CVSS5.4AI score0.00037EPSS

CVE-2018-11280

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max allowed size, memory exhaustion will occur.

7.8CVSS7.7AI score0.00027EPSS

CVE-2018-11281

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after free condition will...

7.8CVSS7.7AI score0.00021EPSS

CVE-2018-11286

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing global variable "debug_client" in multi-thread manner, Use after free issue occurs

7.8CVSS7.3AI score0.00033EPSS

CVE-2018-11300

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in to a "Use after free" scenario.