Lucene search
K
GoogleAndroid

8153 matches found

CVE
CVE
added 2020/03/24 7:21 p.m.47 views

CVE-2019-20608

The CVE-2019-20608 entry concerns Samsung mobile devices running N(7.x), O(8.x), and P(9.0). The vulnerability is described as an issue where an attacker can use Emergency mode to disable features on these devices (Samsung IDs SVE-2018-13164, SVE-2018-13165). Connected sources (Red Hat, NVD, CVE ...

7.5CVSS7.5AI score0.00346EPSS
CVE
CVE
added 2020/03/24 7:39 p.m.47 views

CVE-2019-20623

CVE-2019-20623 affects Samsung mobile devices running Android N (7.1), O (8.x), and P (9.0). The vulnerability is described as an uninitialized memory disclosure in Gallery, associated with Samsung ID SVE-2018-13060 (Feb 2019). Connected sources corroborate the issue across Red Hat and other CVE ...

3.3CVSS4.3AI score0.0014EPSS
CVE
CVE
added 2017/10/10 8:0 p.m.46 views

CVE-2017-9687

CVE-2017-9687 involves a race between two concurrent threads/processes in Android for MSM (and related CAF/Linux kernel builds) where they can write the value "0" to a debugfs file that controls ipa ipc log. This can lead to a double-free in ipc_log_context_destroy() and a Use-After-Free when the...

7.8CVSS7AI score0.00151EPSS
CVE
CVE
added 2017/10/10 8:0 p.m.46 views

CVE-2017-9706

Technical details about CVE-2017-9706 are not provided in the supplied documents. The initial description only notes a potential array out-of-bounds in a display driver; no vendor/product/version specifics or fixes are included. Monitor for updates.

7.8CVSS7.1AI score0.00151EPSS
CVE
CVE
added 2017/12/05 7:0 p.m.46 views

CVE-2017-9716

CVE-2017-9716 affects the Qualcomm Qbt1000 driver (Qualcomm components) in Android for MSM and related CAF-based kernels. The vulnerability is described as an Elevation of Privilege (EoP) issue, with CVE records (NVD, CVELIST, CNVD) confirming the driver as the vulnerable component and noting an ...

7.8CVSS7.1AI score0.00158EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.46 views

CVE-2018-11294

CVE-2018-11294 affects Qualcomm CAF Android WLAN components (WLAN HOST). The issue arises in the WLAN firmware handling, where information for 4 Access Categories (AC) is provided but only the first 3 ACs are copied due to improper conditional logic. This truncation potentially affects the WLAN A...

8CVSS7.4AI score0.00331EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.46 views

CVE-2018-11860

CVE-2018-11860 affects CAF Android builds using the Linux kernel, where a buffer overflow could occur while processing the ndp event due to a missing length check. The vulnerability is described as a local issue with high impact (per CVSS: 7.2/7.8), but the connected documents do not provide spec...

7.8CVSS7.4AI score0.00202EPSS
CVE
CVE
added 2018/09/19 2:0 p.m.46 views

CVE-2018-11886

CVE-2018-11886 affects Qualcomm WLAN host in Android CAF/linux-kernel WLAN stack. Root cause: missing validation when calculating MPDU data length leads to an integer overflow, then a buffer overflow in the WLAN function. Impact per sources is consistent with local, low-privilege exploitation and...

7.8CVSS7.6AI score0.00201EPSS
CVE
CVE
added 2018/11/27 6:0 p.m.46 views

CVE-2018-11910

Technical details about CVE-2018-11910 are not publicly provided in the connected documents. Monitor for updates; current sources only reiterate a general access-control issue related to CAF/Linux in Android releases.

7.8CVSS7.3AI score0.00162EPSS
CVE
CVE
added 2018/12/20 3:0 p.m.46 views

CVE-2018-11985

CVE-2018-11985 affects Android releases (Android for MSM, Firefox OS for MSM, QRD Android) built with CAF Linux kernel. The vulnerability is a heap overflow caused by an integer overflow when allocating heap with a user-supplied size, arising from roundup to native pointer. CVSS2/3 indicate MEDIU...

7.8CVSS7.5AI score0.00156EPSS
CVE
CVE
added 2020/04/08 5:10 p.m.46 views

CVE-2018-21045

CVE-2018-21045 affects Samsung mobile devices running N(7.x) and O(8.x). The issue is that clipboard data can be accessed while the device is in the lockscreen state via a copy-and-paste action. This is a local exposure of the clipboard contents (no user interaction required), with the impact des...

6.2CVSS6.3AI score0.00142EPSS
CVE
CVE
added 2020/04/08 5:11 p.m.46 views

CVE-2018-21046

CVE-2018-21046 affects Samsung mobile devices running O(8.x) software. The issue is a clipboard data exposure via the Emergency Dialer when a USB device is connected. The connected documents do not provide a concrete root cause, exploit details, or remediation steps. No public mitigation details ...

2.4CVSS4.2AI score0.00134EPSS
CVE
CVE
added 2020/04/08 5:27 p.m.46 views

CVE-2018-21065

The CVE-2018-21065 entry concerns an integer underflow in eCryptFS on Samsung mobile devices running Android M/N/O, caused by a missing size check (Samsung ID SVE-2017-11855). Affected products are Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. The available documents describe t...

9.8CVSS9.3AI score0.00443EPSS
CVE
CVE
added 2020/04/08 5:24 p.m.46 views

CVE-2018-21067

No concrete technical details (affected product/component, root cause, versions, or fix) are provided across the connected documents for CVE-2018-21067. The sources only repeat the generic Samsung Trustlet information disclosure description. Monitor for updates.

5.3CVSS5.2AI score0.0034EPSS
CVE
CVE
added 2020/04/08 5:2 p.m.46 views

CVE-2018-21080

CVE-2018-21080 affects Samsung mobile devices running N(7.x). A physically proximate attacker can use a magnet to activate NFC and bypass the lockscreen (Samsung ID SVE-2017-10897). Exploitation details, affected models/versions, and fixes are not explicitly provided in the connected documents; o...

4.6CVSS4.8AI score0.00096EPSS
CVE
CVE
added 2020/04/08 2:42 p.m.46 views

CVE-2018-21088

CVE-2018-21088 affects Samsung mobile devices running N(7.x). The issue is that InputMethodManagerService exposes an unprotected system service, enabling an attacker to trigger a reboot. The description in connected sources confirms the root cause and impact, but there are no specific patch versi...

7.8CVSS7.5AI score0.00422EPSS
CVE
CVE
added 2020/04/08 1:27 p.m.46 views

CVE-2018-21090

CVE-2018-21090 affects Samsung mobile devices with software up to 2017-11-03 on S.LSI Exynos modem chipsets, due to a baseband buffer overflow in the Exynos modem chipset. The issue is described across multiple sources (NVD entry, Red Hat advisory, CNVD entry, PRION page, CVE listing) with CVSS v...

10CVSS9.5AI score0.00561EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.46 views

CVE-2018-3566

CVE-2018-3566 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF linux kernels prior to the 2018-04-05 security patch level. Root cause: a buffer overwrite in ProcSetReqInternal() caused by a missing length check. The issue is categorized as Elevation of Privile...

7.8CVSS7.2AI score0.00372EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.46 views

CVE-2018-3577

CVE-2018-3577 affects Qualcomm WLAN within Android CAF builds (Android for MSM, etc.) prior to the 2018-06-05 patch level. The issue arises while processing fragments: when fragment count is very large, an integer overflow can cause a buffer overflow. The vulnerability is documented in multiple s...

7.5CVSS7.5AI score0.00848EPSS
CVE
CVE
added 2018/06/06 9:0 p.m.46 views

CVE-2018-3580

CVE-2018-3580 describes a stack-based buffer overflow in the WLAN driver when the pmkid_count exceeds the PMKIDCache size on CAF Android (Android for MSM, Firefox OS for MSM, QRD Android) builds using the Linux kernel. The issue affects all such Android releases and relates to the PMKID cache siz...

9.3CVSS5.9AI score0.00386EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.46 views

CVE-2018-5828

Vulnerability CVE-2018-5828 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF Linux kernels prior to 2018-04-05. The issue is in function wma_extscan_start_stop_event_handler() where vdev_id is taken from firmware and not properly validated, potentially leading...

7.8CVSS7.2AI score0.00161EPSS
CVE
CVE
added 2018/11/27 6:0 p.m.46 views

CVE-2018-5856

CVE-2018-5856 affects the Linux kernel in Qualcomm audio paths (sound/soc/qcom/qdsp6/q6asm.c), caused by a race condition leading to a use-after-free. Vendor-specific Android builds (CAF) on MSM, including Audio components, are affected. The description notes potential kernel panic or other unspe...

7.8CVSS7.4AI score0.00197EPSS
CVE
CVE
added 2018/07/06 7:0 p.m.46 views

CVE-2018-5858

CVE-2018-5858 concerns an out-of-bounds access in the audio debugfs for Android CAF builds using the Linux kernel, affecting Android for MSM, Firefox OS for MSM, and QRD Android prior to the 2018-07-05 security patch level. The issue is triggered via the audio debugfs component of the kernel, wit...

7.8CVSS7.2AI score0.00191EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.46 views

CVE-2018-5899

CVE-2018-5899 affects Android CAF builds (Android for MSM, Firefox OS for MSM, QRD Android) with the Linux kernel used in these releases. A use-after-free occurs in the TDLS path: netbuf is freed in ol_tx_completion_handler and subsequently accessed by NBUF_UPDATE_TX_PKT_COUNT. This use-after-fre...

7.8CVSS7.3AI score0.00168EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.46 views

CVE-2018-9437

CVE-2018-9437 involves an out-of-bounds read in getstring() of ID3.cpp, causing a possible remote denial of service in Android. Affected products/versions: Android 6.0–8.1 (as listed). Root cause: missing bounds check on string handling. Impact: DoS with user interaction required (per CVSS3: Loca...

7.1CVSS5.8AI score0.00884EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.46 views

CVE-2018-9490

The CVE-2018-9490 issue affects Android, specifically the CollectValuesOrEntriesImpl function in elements.cc. The root cause is a type confusion that can enable remote code execution, leading to remote escalation of privilege. The vulnerability is exploitable with user interaction and has a local...

9.3CVSS8.1AI score0.01443EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.46 views

CVE-2018-9498

CVE-2018-9498 affects Android's media stack, specifically the Skia component’s SkSampler::Fill in SkSampler.cpp. The issue is a possible out-of-bounds write caused by an integer overflow, enabling remote code execution with user interaction required. Affected: Android 7.0–7.1.2 and 8.0–8.1 (Andro...

9.3CVSS7.9AI score0.01625EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.46 views

CVE-2018-9523

CVE-2018-9523 affects Android 7.0–9 in Parcel.java’s Parcel.writeMapInternal, where a parcel serialization/deserialization mismatch arises from improper input validation. This creates local privilege escalation with no user interaction required; the issue is exploitable locally within affected An...

7.8CVSS8.1AI score0.00182EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.46 views

CVE-2018-9536

CVE-2018-9536 affects Android 9 via libFDK, where out-of-bounds writes result from incorrect bounds checks. This vulnerability can enable remote code execution with no extra privileges, requiring user interaction to exploit. Public references in the connected documents include the Android 2018-11...

9.3CVSS8.1AI score0.01428EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.46 views

CVE-2018-9541

CVE-2018-9541 affects Android devices (Android 7.0–9) and targets the Bluetooth stack. The flaw is in the function avrc_pars_vendor_rsp of avcr_pars_ct.cc , where a missing bounds check can cause an out-of-bounds read. This can lead to remote information disclosure in the Bluetooth service withou...

7.5CVSS7.2AI score0.01109EPSS
CVE
CVE
added 2019/02/12 12:0 a.m.46 views

CVE-2018-9582

CVE-2018-9582 affects Android 8.0–9 package installer, enabling local elevation of privilege via bypassing the unknown-source warning in a confused deputy scenario. Exploitation requires no user interaction; attacker gains partial to high impact on confidentiality, integrity, and availability. Th...

7.8CVSS6.2AI score0.00211EPSS
CVE
CVE
added 2019/02/12 12:0 a.m.46 views

CVE-2018-9594

Summary: CVE-2018-9594 affects Android 7.x–9.x (7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9) in the llcp_link_proc_agf_pdu path of llcp_link.cc. Described as an out-of-bounds read caused by an integer overflow, enabling local information disclosure over NFC without user interaction. Impact (per sources): Loca...

6.5CVSS5.3AI score0.0033EPSS
CVE
CVE
added 2019/04/19 7:42 p.m.46 views

CVE-2019-2039

In CVE-2019-2039, the flaw is a possible out-of-bounds read in rw_i93_sm_detect_ndef within rw_i93.cc, caused by a missing bounds check. This can lead to local information disclosure on Android devices. Affected products/versions include Android 7.0, 7.1.x, 8.x, and 9 (as listed in the NVD entry)...

5CVSS4.7AI score0.00167EPSS
CVE
CVE
added 2019/04/19 7:46 p.m.46 views

CVE-2019-2041

The CVE-2019-2041 issue concerns the NFC module configuration in Android devices, where an insecure default value can cause a failure to distinguish between devices. This enables local elevation of privilege with no extra execution privileges, with user interaction required for exploitation. Affe...

7.3CVSS7.3AI score0.00188EPSS
CVE
CVE
added 2020/03/24 5:47 p.m.46 views

CVE-2019-20537

CVE-2019-20537 affects Samsung mobile devices on P(9.0) platforms leveraging the SEM Trustlet (TEEGRIS/Qualcomm chipsets). The vulnerability is an arbitrary memory overwrite in the SEM Trustlet, which can lead to arbitrary code execution. Affected hardware/firmware details: Samsung devices using ...

10CVSS9.6AI score0.00831EPSS
CVE
CVE
added 2020/03/24 5:51 p.m.46 views

CVE-2019-20540

CVE-2019-20540 affects Samsung mobile devices running N(7.x), O(8.x), and P(9.0) Exynos software. The issue is a buffer over-read in the core touch screen driver that can lead to a possible information leak. Connected sources corroborate the same description; no explicit patch/version details or ...

5.5CVSS5.6AI score0.00134EPSS
CVE
CVE
added 2020/03/24 5:57 p.m.46 views

CVE-2019-20545

Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) are affected by CVE-2019-20545 due to a buffer overflow in the HDCP Trustlet that contaminates secure TEEGRIS memory. The issue is tracked as Samsung SVE-2019-15283 (November 2019). Impact is described as high/critical with potential...

10CVSS9.7AI score0.00561EPSS
CVE
CVE
added 2020/03/24 6:12 p.m.46 views

CVE-2019-20549

The vulnerability CVE-2019-20549 affects Samsung mobile devices (N7.x, O8.x, P9.0) with Broadcom Bluetooth, where a heap out-of-bounds access can occur during LE Packet reception. The issue is tracked under Samsung ID SVE-2019-15724. According to the provided metrics, the CVSS base scores indicat...

9.8CVSS9.4AI score0.00535EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.46 views

CVE-2019-2055

CVE-2019-2055 affects Android 10 via the libxaac library, where an out-of-bounds write due to a missing bounds check enables remote code execution with the attacker needing no privileges and requiring user interaction. The issue is documented across multiple feeds (NVD, RH, CNVD) and is associate...

8.8CVSS9AI score0.00714EPSS
CVE
CVE
added 2020/03/24 6:15 p.m.46 views

CVE-2019-20550

CVE-2019-20550 affects certain Samsung mobile devices running O(8.x) software (China/India releases). The issue, described across multiple sources, is that the S Secure app can access the contents of a locked application without requiring a password. The Red Hat and NVD entries mirror this descri...

5.5CVSS5.5AI score0.00126EPSS
CVE
CVE
added 2020/03/24 6:23 p.m.46 views

CVE-2019-20556

The CVE-2019-20556 entry concerns Samsung mobile devices with Android 9.0 (P) on specific chipsets (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, exynos9820). The issue is a memory corruption in the RKP (root key protection) path that permits an attacker to control the effective address ...

9.8CVSS9.5AI score0.00443EPSS
CVE
CVE
added 2020/03/24 6:53 p.m.46 views

CVE-2019-20582

CVE-2019-20582 concerns a use-after-free in the ion driver on Samsung mobile devices with Exynos9810 (O(8.x) and P(9.0)). The NVD entry lists a CVSS-3.1 base score of 9.8 (CRITICAL) with network attack vector, no privileges required, and high impacts to confidentiality, integrity, and availabilit...

9.8CVSS9.5AI score0.00443EPSS
CVE
CVE
added 2020/03/24 7:5 p.m.46 views

CVE-2019-20595

CVE-2019-20595 concerns Samsung mobile devices running P(9.0) where the Quick Panel can enable or disable the Bluetooth stack without authentication. Affected: Samsung mobile devices with P(9.0) software (as cited in the CVE records). Root cause: an insecure Quick Panel action allows state change...

2.4CVSS4.3AI score0.00136EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.46 views

CVE-2019-20604

The connected records indicate CVE-2019-20604 affects Samsung mobile devices running O(8.x) software, with the Gallery application being permanently disableable by an attacker. The core information available: affected product (Samsung Gallery on Samsung devices), impact (Gallery can be disabled p...

7.5CVSS7.6AI score0.00415EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.46 views

CVE-2019-2069

CVE-2019-2069 affects Android 10 via a vulnerability in libxaac caused by a missing bounds check, leading to an out-of-bounds write that could cause remote code execution. The description states user interaction is required for exploitation. Connected documentation confirms the issue exists in li...

8.8CVSS9AI score0.00714EPSS
CVE
CVE
added 2020/04/17 1:45 p.m.46 views

CVE-2019-20782

CVE-2019-20782 describes a buffer overflow in LG Advanced Flash (LAF) on LG mobile devices running Android 7.x–8.1. The issue is tied to LG’s LAF component and 나타는 root cause is a buffer overflow. Documents specify affected versions and device scope but do not provide exploit details, affected pr...

9.8CVSS9.4AI score0.0044EPSS
CVE
CVE
added 2020/03/15 9:13 p.m.46 views

CVE-2019-2089

CVE-2019-2089 affects Android 10 Framework: during app uninstallation, a set of permissions may remain for a shared app ID, enabling local privilege escalation with no additional execution privileges required. The condition is exploitable with user interaction. The issue is documented in Android ...

7.8CVSS8.1AI score0.00166EPSS
CVE
CVE
added 2019/08/20 7:47 p.m.46 views

CVE-2019-2122

CVE-2019-2122 affects Android 7.0–9, describing a local privilege-escalation in LockTaskController.lockKeyguardIfNeeded due to a differing default-case handling between WindowManager and Settings. Impact: potential elevation of privileges with user interaction required; exploitability is local. C...

7.3CVSS7.2AI score0.00185EPSS
CVE
CVE
added 2019/08/20 7:51 p.m.46 views

CVE-2019-2131

CVE-2019-2131 affects Android devices where an application with overlay permission can display overlays on top of the Settings UI, potentially enabling local elevation of privilege. The issue is tied to the overlay permission mechanism on versions including Android 7.0–9.x (Android-7.0, 7.1.1, 7....

9.3CVSS7.6AI score0.00519EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.46 views

CVE-2019-2172

CVE-2019-2172 is a information-disclosure flaw in the Android 10 libxaac component caused by uninitialized data. The vulnerability could allow access to information without extra execution privileges, with the attack requiring user interaction. Affected product: Android 10 (libxaac in Android). T...

6.5CVSS6.4AI score0.00583EPSS
Total number of security vulnerabilities8153