Lucene search
K
GoogleAndroid

8153 matches found

CVE
CVE
added 2017/12/06 2:0 p.m.45 views

CVE-2017-13170

CVE-2017-13170 is an elevation of privilege in the MediaTek display driver used by Android. The issue affects the Android kernel via the MediaTek display driver component and is described as a local EoP vulnerability with potential to gain privileged execution. The Android 2017-12-01/2017-12-05 s...

7.8CVSS7.5AI score0.00158EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13198

CVE-2017-13198 affects the Android media framework (ex) and is linked to the composition of frames lacking a color map. Affected versions are Android 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. The vulnerability is described as a DoS risk with impact on availability (per NVD metrics: HIGH) and is categorize...

7.8CVSS7.1AI score0.00585EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13200

CVE-2017-13200 is an information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization. The consolidating sources identify the affected Android versions as 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. The vulnerability is classified as ID (information disclosure) with ...

7.5CVSS6.8AI score0.00437EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13201

CVE-2017-13201 is an information-disclosure vulnerability in Android’s media framework (mediadrm). Affected Android versions include 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. The Pixel/Nexus security bulletin groups this under Media framework and marks it as Moderate severity, with CVSS...

7.5CVSS6.8AI score0.00514EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13202

CVE-2017-13202 is an information-disclosure vulnerability in Android’s media framework component libeffects . Affects Android releases listed in the entry: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. The connected documents consistently describe the issue as a libeffects information-disclosur...

7.5CVSS6.8AI score0.00631EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13203

CVE-2017-13203 is a disclosed vulnerability in the Android media framework (libavc) that enables information disclosure. Affected products/versions: Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Root cause is in libavc within the Media framework; CVSS details indicate Confidentiality impact HIGH (or PARTI...

9.1CVSS7.1AI score0.00684EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13207

CVE-2017-13207 is an information-disclosure vulnerability in Android’s Media Framework (stagefright mpeg4writer) affecting Android 7.0, 7.1.1, 7.1.2 and 8.0. The issue is documented by NVD and reflected in the Pixel/Nexus bulletin under the Media framework. Affected component: stagefright mpeg4wr...

7.5CVSS6.8AI score0.00631EPSS
CVE
CVE
added 2018/01/12 11:0 p.m.45 views

CVE-2017-13225

CVE-2017-13225 describes a heap buffer overflow in MTK Media (MTK MTK Media) within libMtkOmxVdec.so that could enable local elevation of privilege and code execution in a privileged Android process. Exploitation is described as requiring user interaction, with the impact stated as remote-like pr...

9.3CVSS7.8AI score0.00892EPSS
CVE
CVE
added 2018/02/12 7:0 p.m.45 views

CVE-2017-13241

CVE-2017-13241 is an information-disclosure vulnerability in the Android media framework component libstagefright_soft_avcenc . Affected Android versions include 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. The connected sources confirm the issue is an information disclosure vulnerability ...

7.5CVSS6.4AI score0.00524EPSS
CVE
CVE
added 2018/01/10 10:0 p.m.45 views

CVE-2017-14870

CVE-2017-14870 affects Android for MSM/CAF Linux-based Android (Android builds using CAF), specifically involving 1088 bytes of stack memory leakage during eMMC recovery message updates. The vulnerability is categorized as information disclosure with partial confidentiality impact and could be ex...

7.5CVSS7.1AI score0.00412EPSS
CVE
CVE
added 2018/03/30 9:0 p.m.45 views

CVE-2017-14875

CVE-2017-14875 describes a heap overread in the ioctl handler VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE used by Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-05-23. The provided documents name the affected environments and the general vulnerability class but do not provide further root...

7.5CVSS7.5AI score0.00542EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2017-14894

CVE-2017-14894 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF with the Linux kernel prior to the 2018-04-05 patch level. In wma_vdev_start_resp_handler(), the vdev_id received from firmware can exceed the maximum BSSID stored in wma_handle->interfaces, l...

7.5CVSS6.9AI score0.00344EPSS
CVE
CVE
added 2018/02/23 11:0 p.m.45 views

CVE-2017-15829

CVE-2017-15829 is a Qualcomm Graphics_Linux component vulnerability reported as a race condition in the GPU driver that can lead to a Use-After-Free. The issue is listed as Elevation of Privilege (EoP) and is associated with Qualcomm’s graphics stack on CAF Android builds using the Linux kernel. ...

7CVSS6.5AI score0.00116EPSS
CVE
CVE
added 2018/01/10 10:0 p.m.45 views

CVE-2017-15850

CVE-2017-15850 affects Android for MSM, Firefox OS for MSM, and QRD Android on CAF builds using the Linux kernel; described impact is that userspace can read values from audio codec registers. The connected documents do not provide concrete root-cause details or a remediation/fix. No exploitation...

7.5CVSS7AI score0.00556EPSS
CVE
CVE
added 2018/06/12 8:0 p.m.45 views

CVE-2017-15857

CVE-2017-15857 is an out-of-bounds access vulnerability in the camera driver of Android CFAs (Android for MSM, Firefox OS for MSM, QRD Android) linked to an error when copying region params from user space in the Linux kernel. Affected product area: camera subsystem/kernell driver in Android rele...

7.8CVSS7.2AI score0.00165EPSS
CVE
CVE
added 2018/03/15 9:0 p.m.45 views

CVE-2017-18063

CVE-2017-18063 affects Android for MSM (CAF Linux kernel) with WLAN firmware; the issue is improper input validation for nlo_event in wma_nlo_match_evt_handler(), which can cause out-of-bounds memory access. Affected products are Android builds for MSM/CAF and related devices using the Linux kern...

7.8CVSS7.1AI score0.0021EPSS
CVE
CVE
added 2017/08/11 3:0 p.m.45 views

CVE-2017-8273

CVE-2017-8273: In Qualcomm CAF Android builds, a buffer overflow can occur while processing the fastboot boot command when verified boot is disabled, if the command length exceeds the boot image buffer. This affects the bootloader component and is described with a high-severity, local attack surf...

7.8CVSS7.6AI score0.00385EPSS
CVE
CVE
added 2018/01/10 10:0 p.m.45 views

CVE-2017-9689

CVE-2017-9689 is linked to stack memory corruption via HDMI CEC in the Qualcomm HDMI driver, affecting Android for MSM and related CAF/Linux-based builds. Connected sources corroborate the issue across Android for MSM, Firefox OS for MSM, and QRD Android, with the HDMI driver listed as the compon...

7.8CVSS7AI score0.00155EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.45 views

CVE-2017-9710

CVE-2017-9710 is described as a buffer overflow in the IOCTL path used to send QMI NOTIFY REQ messages in Android for MSM, Firefox OS for MSM, and CAF Android builds using the Linux kernel. The root cause is that the IOCTL interface can be invoked from multiple contexts, enabling a buffer overflo...

7.8CVSS7.3AI score0.00137EPSS
CVE
CVE
added 2017/12/05 5:0 p.m.45 views

CVE-2017-9718

Technical details for CVE-2017-9718 are not publicly available in the provided connected documents. The description mentions a race condition in a multimedia driver but does not specify affected products, versions, root cause, or fixes. Monitor for updates.

7CVSS6.5AI score0.00098EPSS
CVE
CVE
added 2017/11/16 10:0 p.m.45 views

CVE-2017-9719

CVE-2017-9719 affects Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel with the MDSS HDMI CEC kernel driver. The issue is a buffer overflow in HDMI CEC parsing when the frame size is out of range, potentially enabling local code execution with high impact on conf...

7.8CVSS7.3AI score0.00137EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11265

CVE-2018-11265 concerns a buffer overflow in Qualcomm MProc when Android CAF/Linux kernel handles log_buf with a uint64_t; the log_buf pointer may access memory beyond bounds when incremented in memcpy. Multiple sources (NVD entry and CNVD/PRION-style mappings) associate this with Android on Pixe...

7.8CVSS7.6AI score0.00202EPSS
CVE
CVE
added 2018/11/27 6:0 p.m.45 views

CVE-2018-11266

CVE-2018-11266 affects Android builds (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. The root cause is improper input validation that can allow access to already freed dci client entries when closing a dci client. Public details in NVD/CVE records indicate a l...

7.8CVSS7.4AI score0.00191EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11281

CVE-2018-11281 describes a use-after-free condition in CAF-based Android variants (Android for MSM, Firefox OS for MSM, QRD Android) due to unsafe handling of IPA_IOC_MDFY_RT_RULE IOCTL header entries. If called for entries that were previously deleted, the header is used without proper validatio...

7.8CVSS7.7AI score0.0019EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11302

CVE-2018-11302 corresponds to a WLAN buffer overflow issue described in Qualcomm CAF Android variants (Android for MSM, Firefox OS for MSM, QRD Android) where input from userspace could be copied into a kernel buffer without proper validation. The CVE is listed under the Qualcomm component mappin...

7.8CVSS7.6AI score0.00178EPSS
CVE
CVE
added 2018/09/18 6:0 p.m.45 views

CVE-2018-11868

CVE-2018-11868 describes a buffer overflow in the nan response event handler due to lack of length validation for values received from firmware. The issue affects Android releases (Android for MSM, Firefox OS for MSM, QRD Android) derived from CAF using the Linux kernel, with the root cause being...

7.8CVSS7.6AI score0.00218EPSS
CVE
CVE
added 2018/09/19 2:0 p.m.45 views

CVE-2018-11897

The CVE-2018-11897 entry concerns CAF Android/Linux kernel WLAN code. Affected: Android releases (Android for MSM, Firefox OS for MSM, QRD Android) using CAF’s Linux kernel. The issue occurs while processing a diag event after connecting to a network, where an out-of-bounds read can occur if the ...

7.8CVSS7.3AI score0.00202EPSS
CVE
CVE
added 2018/08/17 8:0 p.m.45 views

CVE-2018-14982

According to CNVD-2020-28452, CVE-2018-14982 affects LG devices based on Android 6.0–8.1, with the GNSS application performing incorrect access control. The root cause is described as an access-control flaw that could let a remote attacker gain access to the GNSS app. The connected sources indica...

9.8CVSS9.2AI score0.00565EPSS
CVE
CVE
added 2020/04/08 4:44 p.m.45 views

CVE-2018-21041

CVE-2018-21041 affects Samsung mobile devices running O(8.x). The issue allows access to the Gallery inside the Secure Folder without authentication. The vulnerability is rooted in the Secure Folder access flow (exact root cause not detailed in the provided documents). Impact is elevated: unautho...

7.5CVSS7.4AI score0.00429EPSS
CVE
CVE
added 2020/04/08 5:9 p.m.45 views

CVE-2018-21044

CVE-2018-21044 affects Samsung mobile devices running N(7.x) and O(8.0). The issue is a buffer overflow in the sem Trustlet that can lead to arbitrary TEE code execution. Samsung IDs: SVE-2018-13230/13231/13232/13233. Connected sources confirm the fault and indicate a Samsung security update refe...

9.8CVSS9.8AI score0.00682EPSS
CVE
CVE
added 2020/04/08 5:30 p.m.45 views

CVE-2018-21062

The CVE-2018-21062 entry covers Samsung mobile devices running N(7.x) and O(8.x). The vulnerability allows an attacker to view Streams content (e.g., a Gallery slideshow) of a locked Secure Folder by connecting an external device when biometric authentication is disabled. The underlying impact is...

4.6CVSS4.8AI score0.00146EPSS
CVE
CVE
added 2020/04/08 5:19 p.m.45 views

CVE-2018-21071

Technical details about CVE-2018-21071 are not publicly provided in the connected documents. Monitor for updates from vendors and security advisories for affected products and remediation.

7.5CVSS7.2AI score0.00324EPSS
CVE
CVE
added 2020/04/08 5:3 p.m.45 views

CVE-2018-21079

CVE-2018-21079 affects Samsung mobile devices on L/M/N/O releases, with a kernel pointer leak in the USB gadget driver (SVE-2017-10993). The Red Hat and CNVD entries corroborate the issue as described, but the connected documents do not provide specific affected component versions beyond the gene...

7.5CVSS7.4AI score0.00413EPSS
CVE
CVE
added 2020/04/08 2:45 p.m.45 views

CVE-2018-21085

CVE-2018-21085 affects Samsung mobile devices running L(5.x), M(6.0), and N(7.x) with a race condition leading to use-after-free in the vnswap_deinit_backing_storage path. The issue is documented under Samsung’s SVE-2017-11176 identity; no remediation details are provided in the connected sources...

8.1CVSS8.1AI score0.00326EPSS
CVE
CVE
added 2020/04/08 1:15 p.m.45 views

CVE-2018-21092

CVE-2018-21092 affects Samsung mobile devices running M(6.x) and N(7.x). A crafted AT command can be delivered via an NFC tag by the DeviceTest application, leading to potential issue exposure on affected devices. The Red Hat/NVD entries reiterate the same description; no explicit exploitation de...

6.5CVSS6.7AI score0.00183EPSS
CVE
CVE
added 2018/03/16 10:0 p.m.45 views

CVE-2018-3560

CVE-2018-3560 describes a double-free in the Android sound path. Affected products include Android for MSM, Firefox OS for MSM, and QRD Android with CAF Linux-kernel branches. The root cause is a double-free in the Audio Driver when opening a sound compression device, leading to potential misuse ...

7.8CVSS7.1AI score0.00141EPSS
CVE
CVE
added 2018/06/06 9:0 p.m.45 views

CVE-2018-3565

CVE-2018-3565 affects Qualcomm WLAN/CAF Android devices where lim_send_sme_probe_req_ind() in the WLAN stack of the Linux kernel can overflow a buffer during probe request indication. The issue is documented across multiple sources as a buffer overflow in the Android CAF/Linux kernel path used fo...

9.3CVSS5.9AI score0.00386EPSS
CVE
CVE
added 2018/06/12 8:0 p.m.45 views

CVE-2018-3579

The CVE-2018-3579 issue affects the WLAN driver in CAF Android builds (Android for MSM, Firefox OS for MSM, QRD Android) that use the Linux kernel. The root cause is that event->num_entries_in_page, a value received from firmware, is not properly validated, which can lead to a buffer over-read...

5.5CVSS5.2AI score0.00161EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2018-3584

CVE-2018-3584 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds (CAF) with Linux kernels older than the 2018-04-05 patch level. The issue is a Use After Free in rmnet_usb_ctrl_init(), impacting the rmnet_usb component. In the NVD entry, CVSS v3.0 is 7.5 (HIGH) with netw...

7.5CVSS7.2AI score0.00439EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2018-3596

CVE-2018-3596 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds that use CAF Android with the Linux kernel versions prior to the 2018-04-05 patch level. The vulnerability stems from legacy code that remained vulnerable after migration, with the note that this legacy cod...

9.8CVSS8.8AI score0.00476EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.45 views

CVE-2018-5826

CVE-2018-5826 describes a race condition leading to a Use-After-Free in the Qualcomm WLAN driver (qcacld-3.0 HDD driver) affecting Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF builds with Linux kernels before the 2018-04-05 patch level. The root cause is a race in the WLAN...

5.9CVSS5.4AI score0.00313EPSS
CVE
CVE
added 2018/07/06 7:0 p.m.45 views

CVE-2018-5853

CVE-2018-5853 describes a race condition in a driver used by CAF Android for MSM (Linux kernel variants) including Android for MSM, Firefox OS for MSM, and QRD Android. The issue potentially leads to a use-after-free condition. Impact details in the provided sources indicate local attack requirem...

7CVSS6.4AI score0.00137EPSS
CVE
CVE
added 2018/11/27 6:0 p.m.45 views

CVE-2018-5919

CVE-2018-5919 affects the Qualcomm QCACLD-2.0 WLAN host driver in Android CAF/Linux kernels (Android for MSM, QRD Android). The issue is a use-after-free in the WLAN host driver that can cause the device to reboot. Public remediation references include a CodeAurora patch (commit 81a80c9973833f7cd...

7.8CVSS7.4AI score0.00172EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.45 views

CVE-2018-9358

CVE-2018-9358 describes an out-of-bounds read in Bluetooth code path: in gatts_process_attribute_req (gatt_sc.cc), a missing bounds check can read uninitialized data, enabling remote information disclosure in the Bluetooth process without extra privileges and with no user interaction. Affected: A...

7.8CVSS6.8AI score0.01701EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.45 views

CVE-2018-9362

CVE-2018-9362 affects Android where InboundSmsHandler.java's processMessagePart has improper input validation, enabling remote denial of service with no privileges and no user interaction. Affected products include Android 6.x through 8.1. The connected documents confirm a DoS impact but do not p...

7.8CVSS7.2AI score0.0156EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.45 views

CVE-2018-9448

CVE-2018-9448 affects Android 8.0 and 8.1, with a vulnerability in avct_bcb_msg_ind (avct_bcb_act.cc) caused by a missing bounds check that could enable remote information disclosure without user interaction or additional privileges. The issue is categorized as an information-disclosure risk (no ...

7.8CVSS6.3AI score0.01654EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.45 views

CVE-2018-9454

CVE-2018-9454 affects Android (Android 6.0–8.1). Root cause: in bnep_data_ind of bnep_main.cc, a missing bounds check allows an out-of-bounds read, leading to possible local information disclosure without extra privileges. Impact is information disclosure; exploitation requires local access and d...

5.5CVSS5.3AI score0.00199EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.45 views

CVE-2018-9476

CVE-2018-9476 affects Android 8.0–8.1 via the Bluetooth stack: avrc_pars_browsing_cmd in avrc_pars_tg.cc, where a use-after-free caused by improper locking can enable remote privilege escalation with no user interaction. Exploitation is described as remote, with no additional execution privileges...

10CVSS8.9AI score0.02478EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.45 views

CVE-2018-9503

The CVE-2018-9503 entry describes an out-of-bounds read in rfc_process_mx_message() within rfc_ts_frames.cc, leading to remote information disclosure without requiring privileges or user interaction. Affected software includes Android versions 7.0 through 9.0. The vulnerability’s root cause is a ...

7.8CVSS7AI score0.02625EPSS
CVE
CVE
added 2018/10/02 7:0 p.m.45 views

CVE-2018-9514

CVE-2018-9514 is a kernel vulnerability affecting Android devices, caused by a Use After Free in sdcardfs_open (file.c) that could enable local escalation of privilege without user interaction. The issue is within the Android kernel and is listed in the 2018-10 Android security bulletin; patch gu...

7.8CVSS7.6AI score0.0019EPSS
Total number of security vulnerabilities8153