Lucene search
K
GoogleAndroid

8153 matches found

CVE
CVE
added 2017/04/07 10:0 p.m.45 views

CVE-2017-0546

Concrete details found in connected documents: CVE-2017-0546 is described as an elevation of privilege vulnerability in Android's SurfaceFlinger. Affected product is Android, with versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 identified in the CNVD entry. The CNVD/CVE records indicate a lo...

9.3CVSS7.7AI score0.00798EPSS
CVE
CVE
added 2017/05/12 3:0 p.m.45 views

CVE-2017-0618

CVE-2017-0618 is an elevation-of-privilege vulnerability in the MediaTek command queue driver that could allow a local malicious app to execute arbitrary code in the kernel context on Android. The issue requires compromising a privileged process first and is rated High. Affected component: MediaT...

7.6CVSS6.7AI score0.00489EPSS
CVE
CVE
added 2018/04/05 6:0 p.m.45 views

CVE-2017-0751

CVE-2017-0751 is a local elevation-of-privilege vulnerability in the Qualcomm QCE driver affecting Android kernel. Affected component: QCE driver within the Android platform; vulnerable code path enables a privileged escalation. Exploitation status is not detailed in the provided documents. The v...

5.3CVSS5.8AI score0.00149EPSS
CVE
CVE
added 2017/11/16 11:0 p.m.45 views

CVE-2017-0851

The CVE-2017-0851 entry describes an information-disclosure vulnerability in Android's media framework (libhevc). Affected are Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, and 8.0. The issue is a information disclosure (confidentiality impact) vulnerability in the Media framework...

5.3CVSS5.4AI score0.00356EPSS
CVE
CVE
added 2017/11/16 11:0 p.m.45 views

CVE-2017-0853

CVE-2017-0853 is an information-disclosure vulnerability in Android’s Media framework affecting 7.0, 7.1.1, 7.1.2 and 8.0 on Pixel/Nexus devices. Connected CNVD entry confirms a Media framework information-disclosure issue; Pixel bulletin explicitly lists CVE-2017-0853 in the Media framework with...

9.1CVSS7AI score0.00483EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.45 views

CVE-2017-11045

CVE-2017-11045 affects the Android camera stack (Android for MSM / CAF Linux kernel) in the camera driver function, where a race condition can lead to a Use-After-Free. The vulnerability is localized and impacts components related to Qualcomm/Camera in affected Android builds; CVSS scores indicat...

7CVSS6.4AI score0.00098EPSS
CVE
CVE
added 2017/11/16 10:0 p.m.45 views

CVE-2017-11058

CVE-2017-11058 affects Android on MSM/Qualcomm WLAN (cfg80211 vendor command handling). The issue is a buffer over-read in the WLAN driver, prompting potential information disclosure (confidentiality impact). Affected firmware, per Pixel/Nexus security bulletin, was addressed by the 2017-11-05 pa...

7.5CVSS7.1AI score0.00412EPSS
CVE
CVE
added 2018/01/10 10:0 p.m.45 views

CVE-2017-11066

CVE-2017-11066 affects Android on MSM platforms (Android for MSM, Firefox OS for MSM, QRD Android) with CAF Linux kernel; during ubi image flashing, an uninitialized memory region could be accessed. Connected records corroborate this description. The provided documents do not include explicit exp...

7.5CVSS7AI score0.00412EPSS
CVE
CVE
added 2018/11/27 6:0 p.m.45 views

CVE-2017-11078

CVE-2017-11078 describes an out-of-bounds read in the boot image header processing for CAF Android builds (Android for MSM, Firefox OS for MSM, QRD Android with the Linux kernel). The issue is a local memory/read fault in the boot component, with CVSS scores indicating moderate to high impact acr...

7.8CVSS7.4AI score0.00169EPSS
CVE
CVE
added 2017/12/06 2:0 p.m.45 views

CVE-2017-13170

CVE-2017-13170 is an elevation of privilege in the MediaTek display driver used by Android. The issue affects the Android kernel via the MediaTek display driver component and is described as a local EoP vulnerability with potential to gain privileged execution. The Android 2017-12-01/2017-12-05 s...

7.8CVSS7.5AI score0.00158EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13198

CVE-2017-13198 affects the Android media framework (ex) and is linked to the composition of frames lacking a color map. Affected versions are Android 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. The vulnerability is described as a DoS risk with impact on availability (per NVD metrics: HIGH) and is categorize...

7.8CVSS7.1AI score0.00585EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13202

CVE-2017-13202 is an information-disclosure vulnerability in Android’s media framework component libeffects . Affects Android releases listed in the entry: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. The connected documents consistently describe the issue as a libeffects information-disclosur...

7.5CVSS6.8AI score0.00631EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13225

CVE-2017-13225 describes a heap buffer overflow in MTK Media (MTK MTK Media) within libMtkOmxVdec.so that could enable local elevation of privilege and code execution in a privileged Android process. Exploitation is described as requiring user interaction, with the impact stated as remote-like pr...

9.3CVSS7.8AI score0.00892EPSS
CVE
CVE
added 2018/04/04 4:0 p.m.45 views

CVE-2017-13301

CVE-2017-13301 is a DoS in Android 8.0’s system UI (Android system UI). The available connected sources indicate this affects Pixel/Nexus devices (Android 8.0) and is categorized as DoS in the Android System UI component, with a moderate severity patch path in the Pixel/ Nexus security bulletin s...

7.8CVSS7AI score0.0043EPSS
CVE
CVE
added 2018/01/10 10:0 p.m.45 views

CVE-2017-14870

CVE-2017-14870 affects Android for MSM/CAF Linux-based Android (Android builds using CAF), specifically involving 1088 bytes of stack memory leakage during eMMC recovery message updates. The vulnerability is categorized as information disclosure with partial confidentiality impact and could be ex...

7.5CVSS7.1AI score0.00412EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.45 views

CVE-2017-14875

CVE-2017-14875 describes a heap overread in the ioctl handler VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE used by Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-05-23. The provided documents name the affected environments and the general vulnerability class but do not provide further root...

7.5CVSS7.5AI score0.00542EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.45 views

CVE-2017-14892

CVE-2017-14892 affects Android for MSM, Firefox OS for MSM, and QRD Android builds prior to 2017-09-19. The issue stems from not properly validating the return value of q6asm_open_shared_io() in msm_pcm_hw_params(), which can lead to a dangling pointer access. The available sources describe the v...

7.8CVSS7.3AI score0.0016EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2017-14894

CVE-2017-14894 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF with the Linux kernel prior to the 2018-04-05 patch level. In wma_vdev_start_resp_handler(), the vdev_id received from firmware can exceed the maximum BSSID stored in wma_handle->interfaces, l...

7.5CVSS6.9AI score0.00344EPSS
CVE
CVE
added 2018/02/23 11:0 p.m.45 views

CVE-2017-15829

CVE-2017-15829 is a Qualcomm Graphics_Linux component vulnerability reported as a race condition in the GPU driver that can lead to a Use-After-Free. The issue is listed as Elevation of Privilege (EoP) and is associated with Qualcomm’s graphics stack on CAF Android builds using the Linux kernel. ...

7CVSS6.5AI score0.00116EPSS
CVE
CVE
added 2018/01/10 10:0 p.m.45 views

CVE-2017-15850

CVE-2017-15850 affects Android for MSM, Firefox OS for MSM, and QRD Android on CAF builds using the Linux kernel; described impact is that userspace can read values from audio codec registers. The connected documents do not provide concrete root-cause details or a remediation/fix. No exploitation...

7.5CVSS7AI score0.00556EPSS
CVE
CVE
added 2018/06/12 8:0 p.m.45 views

CVE-2017-15857

CVE-2017-15857 is an out-of-bounds access vulnerability in the camera driver of Android CFAs (Android for MSM, Firefox OS for MSM, QRD Android) linked to an error when copying region params from user space in the Linux kernel. Affected product area: camera subsystem/kernell driver in Android rele...

7.8CVSS7.2AI score0.00165EPSS
CVE
CVE
added 2018/02/23 11:0 p.m.45 views

CVE-2017-15862

CVE-2017-15862 is a Qualcomm WLAN vulnerability reported across Android CAF/Linux kernel builds. The issue arises in the function wma_unified_link_radio_stats_event_handler(), where the firmware-provided count of radio channels is not properly validated, potentially triggering an integer overflow...

7.8CVSS7.4AI score0.0015EPSS
CVE
CVE
added 2018/03/16 10:0 p.m.45 views

CVE-2017-18061

CVE-2017-18061 affects Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel. The vulnerability stems from a potential buffer overflow when processing an AOA (Android Open Accessory) measurement event from WIGIG firmware in wil_aoa_evt_meas(), with Wil6210 as the rela...

7.8CVSS7.4AI score0.00173EPSS
CVE
CVE
added 2018/03/15 9:0 p.m.45 views

CVE-2017-18063

CVE-2017-18063 affects Android for MSM (CAF Linux kernel) with WLAN firmware; the issue is improper input validation for nlo_event in wma_nlo_match_evt_handler(), which can cause out-of-bounds memory access. Affected products are Android builds for MSM/CAF and related devices using the Linux kern...

7.8CVSS7.1AI score0.0021EPSS
CVE
CVE
added 2017/08/16 3:0 p.m.45 views

CVE-2017-8243

CVE-2017-8243 is documented with concrete details in connected sources: it affects Qualcomm components, specifically the SoC driver, categorized as Elevation of Privilege (EoP) with a Moderate impact. The root cause is a buffer overflow that can occur when processing a firmware image file. Public...

9.3CVSS7.6AI score0.00473EPSS
CVE
CVE
added 2017/08/11 3:0 p.m.45 views

CVE-2017-8273

CVE-2017-8273: In Qualcomm CAF Android builds, a buffer overflow can occur while processing the fastboot boot command when verified boot is disabled, if the command length exceeds the boot image buffer. This affects the bootloader component and is described with a high-severity, local attack surf...

7.8CVSS7.6AI score0.00385EPSS
CVE
CVE
added 2018/01/10 10:0 p.m.45 views

CVE-2017-9689

CVE-2017-9689 is linked to stack memory corruption via HDMI CEC in the Qualcomm HDMI driver, affecting Android for MSM and related CAF/Linux-based builds. Connected sources corroborate the issue across Android for MSM, Firefox OS for MSM, and QRD Android, with the HDMI driver listed as the compon...

7.8CVSS7AI score0.00155EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.45 views

CVE-2017-9710

CVE-2017-9710 is described as a buffer overflow in the IOCTL path used to send QMI NOTIFY REQ messages in Android for MSM, Firefox OS for MSM, and CAF Android builds using the Linux kernel. The root cause is that the IOCTL interface can be invoked from multiple contexts, enabling a buffer overflo...

7.8CVSS7.3AI score0.00137EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.45 views

CVE-2017-9718

Technical details for CVE-2017-9718 are not publicly available in the provided connected documents. The description mentions a race condition in a multimedia driver but does not specify affected products, versions, root cause, or fixes. Monitor for updates.

7CVSS6.5AI score0.00098EPSS
CVE
CVE
added 2017/11/16 10:0 p.m.45 views

CVE-2017-9719

CVE-2017-9719 affects Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel with the MDSS HDMI CEC kernel driver. The issue is a buffer overflow in HDMI CEC parsing when the frame size is out of range, potentially enabling local code execution with high impact on conf...

7.8CVSS7.3AI score0.00137EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11265

CVE-2018-11265 concerns a buffer overflow in Qualcomm MProc when Android CAF/Linux kernel handles log_buf with a uint64_t; the log_buf pointer may access memory beyond bounds when incremented in memcpy. Multiple sources (NVD entry and CNVD/PRION-style mappings) associate this with Android on Pixe...

7.8CVSS7.6AI score0.00202EPSS
CVE
CVE
added 2018/11/27 6:0 p.m.45 views

CVE-2018-11266

CVE-2018-11266 affects Android builds (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. The root cause is improper input validation that can allow access to already freed dci client entries when closing a dci client. Public details in NVD/CVE records indicate a l...

7.8CVSS7.4AI score0.00191EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11281

CVE-2018-11281 describes a use-after-free condition in CAF-based Android variants (Android for MSM, Firefox OS for MSM, QRD Android) due to unsafe handling of IPA_IOC_MDFY_RT_RULE IOCTL header entries. If called for entries that were previously deleted, the header is used without proper validatio...

7.8CVSS7.7AI score0.0019EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11302

CVE-2018-11302 corresponds to a WLAN buffer overflow issue described in Qualcomm CAF Android variants (Android for MSM, Firefox OS for MSM, QRD Android) where input from userspace could be copied into a kernel buffer without proper validation. The CVE is listed under the Qualcomm component mappin...

7.8CVSS7.6AI score0.00178EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11868

CVE-2018-11868 describes a buffer overflow in the nan response event handler due to lack of length validation for values received from firmware. The issue affects Android releases (Android for MSM, Firefox OS for MSM, QRD Android) derived from CAF using the Linux kernel, with the root cause being...

7.8CVSS7.6AI score0.00218EPSS
CVE
CVE
added 2018/09/19 2:0 p.m.45 views

CVE-2018-11897

The CVE-2018-11897 entry concerns CAF Android/Linux kernel WLAN code. Affected: Android releases (Android for MSM, Firefox OS for MSM, QRD Android) using CAF’s Linux kernel. The issue occurs while processing a diag event after connecting to a network, where an out-of-bounds read can occur if the ...

7.8CVSS7.3AI score0.00202EPSS
CVE
CVE
added 2020/04/08 4:44 p.m.45 views

CVE-2018-21041

CVE-2018-21041 affects Samsung mobile devices running O(8.x). The issue allows access to the Gallery inside the Secure Folder without authentication. The vulnerability is rooted in the Secure Folder access flow (exact root cause not detailed in the provided documents). Impact is elevated: unautho...

7.5CVSS7.4AI score0.00429EPSS
CVE
CVE
added 2020/04/08 5:42 p.m.45 views

CVE-2018-21051

The CVE-2018-21051 entry concerns Samsung mobile devices with Exynos N(7.x) and O(8.x) software, where an invalid free in the fingerprint Trustlet can lead to arbitrary code execution. The vulnerability is supported by multiple connected records (e.g., NVD, Red Hat, CNVD) that describe the same i...

10CVSS9.7AI score0.00862EPSS
CVE
CVE
added 2020/04/08 5:19 p.m.45 views

CVE-2018-21071

Technical details about CVE-2018-21071 are not publicly provided in the connected documents. Monitor for updates from vendors and security advisories for affected products and remediation.

7.5CVSS7.2AI score0.00324EPSS
CVE
CVE
added 2018/03/16 10:0 p.m.45 views

CVE-2018-3560

CVE-2018-3560 describes a double-free in the Android sound path. Affected products include Android for MSM, Firefox OS for MSM, and QRD Android with CAF Linux-kernel branches. The root cause is a double-free in the Audio Driver when opening a sound compression device, leading to potential misuse ...

7.8CVSS7.1AI score0.00141EPSS
CVE
CVE
added 2018/06/06 9:0 p.m.45 views

CVE-2018-3565

CVE-2018-3565 affects Qualcomm WLAN/CAF Android devices where lim_send_sme_probe_req_ind() in the WLAN stack of the Linux kernel can overflow a buffer during probe request indication. The issue is documented across multiple sources as a buffer overflow in the Android CAF/Linux kernel path used fo...

9.3CVSS5.9AI score0.00386EPSS
CVE
CVE
added 2018/06/12 8:0 p.m.45 views

CVE-2018-3579

The CVE-2018-3579 issue affects the WLAN driver in CAF Android builds (Android for MSM, Firefox OS for MSM, QRD Android) that use the Linux kernel. The root cause is that event->num_entries_in_page, a value received from firmware, is not properly validated, which can lead to a buffer over-read...

5.5CVSS5.2AI score0.00161EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2018-3584

CVE-2018-3584 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds (CAF) with Linux kernels older than the 2018-04-05 patch level. The issue is a Use After Free in rmnet_usb_ctrl_init(), impacting the rmnet_usb component. In the NVD entry, CVSS v3.0 is 7.5 (HIGH) with netw...

7.5CVSS7.2AI score0.00439EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2018-3596

CVE-2018-3596 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds that use CAF Android with the Linux kernel versions prior to the 2018-04-05 patch level. The vulnerability stems from legacy code that remained vulnerable after migration, with the note that this legacy cod...

9.8CVSS8.8AI score0.00476EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.45 views

CVE-2018-3597

CVE-2018-3597 affects the ADSP RPC driver in Android CAF builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android). Before the 2018-06-05 security patch level, this issue could allow an arbitrary kernel write via a local attack on vulnerable devices. The CVSS metrics in the...

7.8CVSS7.3AI score0.00172EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2018-5826

CVE-2018-5826 describes a race condition leading to a Use-After-Free in the Qualcomm WLAN driver (qcacld-3.0 HDD driver) affecting Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF builds with Linux kernels before the 2018-04-05 patch level. The root cause is a race in the WLAN...

5.9CVSS5.4AI score0.00313EPSS
CVE
CVE
added 2018/07/06 7:0 p.m.45 views

CVE-2018-5853

CVE-2018-5853 describes a race condition in a driver used by CAF Android for MSM (Linux kernel variants) including Android for MSM, Firefox OS for MSM, and QRD Android. The issue potentially leads to a use-after-free condition. Impact details in the provided sources indicate local attack requirem...

7CVSS6.4AI score0.00137EPSS
CVE
CVE
added 2018/11/27 6:0 p.m.45 views

CVE-2018-5919

CVE-2018-5919 affects the Qualcomm QCACLD-2.0 WLAN host driver in Android CAF/Linux kernels (Android for MSM, QRD Android). The issue is a use-after-free in the WLAN host driver that can cause the device to reboot. Public remediation references include a CodeAurora patch (commit 81a80c9973833f7cd...

7.8CVSS7.4AI score0.00172EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.45 views

CVE-2018-9454

CVE-2018-9454 affects Android (Android 6.0–8.1). Root cause: in bnep_data_ind of bnep_main.cc, a missing bounds check allows an out-of-bounds read, leading to possible local information disclosure without extra privileges. Impact is information disclosure; exploitation requires local access and d...

5.5CVSS5.3AI score0.00199EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.45 views

CVE-2018-9476

CVE-2018-9476 affects Android 8.0–8.1 via the Bluetooth stack: avrc_pars_browsing_cmd in avrc_pars_tg.cc, where a use-after-free caused by improper locking can enable remote privilege escalation with no user interaction. Exploitation is described as remote, with no additional execution privileges...

10CVSS8.9AI score0.02478EPSS
Total number of security vulnerabilities8153