Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid

846 matches found

CVE
CVEadded 2017/04/07 10:59 p.m.42 views

CVE-2017-0557

An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1...

5.5CVSS5.2AI score0.00112EPSS
CVE
CVEadded 2017/04/07 10:59 p.m.42 views

CVE-2017-0562

An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashi...

9.3CVSS7.7AI score0.00084EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.42 views

CVE-2017-0589

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.42 views

CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution withi...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.42 views

CVE-2017-0596

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

9.3CVSS7.2AI score0.00067EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.42 views

CVE-2017-0615

An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Andro...

7.6CVSS6.6AI score0.00052EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.42 views

CVE-2017-0619

An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: K...

7.6CVSS6.6AI score0.0004EPSS
CVE
CVEadded 2017/08/18 5:29 p.m.42 views

CVE-2017-0687

A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35583675.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.42 views

CVE-2017-0694

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37093318.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.42 views

CVE-2017-0697

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37239013.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.42 views

CVE-2017-0698

A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35467458.

5.5CVSS5.5AI score0.00063EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.42 views

CVE-2017-0700

A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138.

9.3CVSS7.7AI score0.00269EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.42 views

CVE-2017-0701

A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36385715.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVEadded 2017/08/09 9:29 p.m.42 views

CVE-2017-0712

A elevation of privilege vulnerability in the Android framework (wi-fi service). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37207928.

7.8CVSS7.4AI score0.00053EPSS
CVE
CVEadded 2017/08/09 9:29 p.m.42 views

CVE-2017-0725

A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194.

5.5CVSS5.6AI score0.00039EPSS
CVE
CVEadded 2017/08/09 9:29 p.m.42 views

CVE-2017-0730

A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36279112.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVEadded 2017/08/09 9:29 p.m.42 views

CVE-2017-0740

A remote code execution vulnerability in the Broadcom networking driver. Product: Android. Versions: Android kernel. Android ID: A-37168488. References: B-RB#116402.

7.8CVSS7.7AI score0.0028EPSS
CVE
CVEadded 2017/08/09 9:29 p.m.42 views

CVE-2017-0747

A elevation of privilege vulnerability in the Qualcomm proprietary component. Product: Android. Versions: Android kernel. Android ID: A-32524214. References: QC-CR#2044821.

7.8CVSS7.4AI score0.00053EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.42 views

CVE-2017-0767

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.

9.3CVSS7.9AI score0.00035EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.42 views

CVE-2017-0773

A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37615911.

7.1CVSS5.9AI score0.00038EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.42 views

CVE-2017-0774

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.

7.1CVSS5.9AI score0.00038EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.42 views

CVE-2017-0789

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37685267. References: B-V2017053102.

8.8CVSS8.6AI score0.00062EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.42 views

CVE-2017-0793

A information disclosure vulnerability in the N/A memory subsystem. Product: Android. Versions: Android kernel. Android ID: A-35764946.

7.1CVSS5.8AI score0.0006EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.42 views

CVE-2017-0797

A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-62459766. References: M-ALPS03353854.

9.3CVSS8AI score0.00035EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.42 views

CVE-2017-0810

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066.

9.3CVSS7.7AI score0.00436EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.42 views

CVE-2017-0812

An elevation of privilege vulnerability in the Android media framework (audio hal). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231.

9.3CVSS7.3AI score0.00134EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.42 views

CVE-2017-0815

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567.

5.5CVSS5AI score0.00154EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.42 views

CVE-2017-0826

An elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-34949781.

9.3CVSS7.4AI score0.00088EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.42 views

CVE-2017-0827

An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-ALPS03353867, M-ALPS03353872.

9.3CVSS7.4AI score0.00088EPSS
CVE
CVEadded 2017/11/16 11:29 p.m.42 views

CVE-2017-0833

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62896384.

9.3CVSS7.7AI score0.0096EPSS
CVE
CVEadded 2017/12/06 2:29 p.m.42 views

CVE-2017-0837

An elevation of privilege vulnerability in the Android media framework (libaudiopolicymanager). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64340921.

7.8CVSS7.5AI score0.00016EPSS
CVE
CVEadded 2017/11/16 11:29 p.m.42 views

CVE-2017-0848

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64477217.

5.3CVSS5.4AI score0.00091EPSS
CVE
CVEadded 2017/11/16 11:29 p.m.42 views

CVE-2017-0858

Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64836894.

7.8CVSS7.2AI score0.00108EPSS
CVE
CVEadded 2017/12/06 2:29 p.m.42 views

CVE-2017-0873

A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63316255.

7.1CVSS6.3AI score0.00102EPSS
CVE
CVEadded 2017/12/05 7:29 p.m.42 views

CVE-2017-11006

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during positioning.

10CVSS7.7AI score0.00124EPSS
CVE
CVEadded 2017/12/05 7:29 p.m.42 views

CVE-2017-11007

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of stack corruption due to buffer overflow of Partition name while converting ascii string to unicode string in function HandleMetaImgFlash.

7.8CVSS7.5AI score0.00017EPSS
CVE
CVEadded 2017/11/16 10:29 p.m.42 views

CVE-2017-11029

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked u...

7.8CVSS7AI score0.00017EPSS
CVE
CVEadded 2017/12/05 5:29 p.m.42 views

CVE-2017-11030

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the HDMI video driver function hdmi_edid_sysfs_rda_res_info(), userspace can perform an arbitrary write into kernel memory.

7.8CVSS7.1AI score0.00016EPSS
CVE
CVEadded 2017/12/05 5:29 p.m.42 views

CVE-2017-11033

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the coresight-tmc driver, a simultaneous read and enable of the ETR device after changing the buffer size may result in a Use After Free condition of the previous buffer.

7.8CVSS7.2AI score0.00019EPSS
CVE
CVEadded 2017/12/05 5:29 p.m.42 views

CVE-2017-11047

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a graphics driver ioctl handler, the lack of copy_from_user() function calls may result in writes to kernel memory.

7.8CVSS7AI score0.00016EPSS
CVE
CVEadded 2017/10/10 8:29 p.m.42 views

CVE-2017-11055

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur.

7.5CVSS7AI score0.00111EPSS
CVE
CVEadded 2017/10/10 8:29 p.m.42 views

CVE-2017-11059

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow.

7.8CVSS7.2AI score0.0002EPSS
CVE
CVEadded 2017/06/29 3:29 p.m.42 views

CVE-2017-3750

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.

6.9CVSS6.6AI score0.00041EPSS
CVE
CVEadded 2017/06/13 8:29 p.m.42 views

CVE-2017-7370

In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

7.6CVSS6.8AI score0.0005EPSS
CVE
CVEadded 2017/06/13 8:29 p.m.42 views

CVE-2017-8234

In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function.

9.3CVSS7.5AI score0.00044EPSS
CVE
CVEadded 2017/08/18 7:29 p.m.42 views

CVE-2017-9678

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy().

9.3CVSS7.4AI score0.00088EPSS
CVE
CVEadded 2017/06/06 2:29 p.m.41 views

CVE-2014-9952

In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.

9.3CVSS7.1AI score0.00031EPSS
CVE
CVEadded 2017/08/18 6:29 p.m.41 views

CVE-2014-9969

In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm.

10CVSS8.8AI score0.00082EPSS
CVE
CVEadded 2017/09/28 1:29 a.m.41 views

CVE-2015-1526

The media_server component in Android allows remote attackers to cause a denial of service via a crafted application.

7.1CVSS5.3AI score0.00168EPSS
CVE
CVEadded 2017/05/23 4:29 a.m.41 views

CVE-2015-1529

Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors.

7.5CVSS7.3AI score0.00341EPSS
Total number of security vulnerabilities846