930 matches found
CVE-2014-9783
drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28441831 and Qualcomm internal ...
CVE-2014-9875
drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application that sends short DCI request packets, aka Android internal bug 28767589 and Qualcomm internal bug CR483310.
CVE-2014-9898
arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28814690 and Qua...
CVE-2014-9962
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command.
CVE-2014-9968
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.
CVE-2014-9980
In all Qualcomm products with Android releases from CAF using the Linux kernel, a Sample App failed to check a length potentially leading to unauthorized access to secure memory.
CVE-2015-6600
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22882938.
CVE-2015-6603
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23227354.
CVE-2015-6627
The Audio component in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information via a crafted audio file, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24211743.
CVE-2015-8892
platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998.
CVE-2015-8951
Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm int...
CVE-2015-8996
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.
CVE-2015-9000
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVE-2015-9028
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine.
CVE-2015-9061
In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed to check a length potentially leading to unauthorized access to secure memory.
CVE-2016-10335
In all Android releases from CAF using the Linux kernel, libtomcrypt was updated.
CVE-2016-10343
In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak.
CVE-2016-10383
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI.
CVE-2016-10386
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
CVE-2016-10389
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.
CVE-2016-2466
The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307.
CVE-2016-2503
The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067.
CVE-2016-3849
The ION driver in Android before 2016-08-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28939740.
CVE-2016-3877
Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.
CVE-2016-3926
Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953.
CVE-2016-5347
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver.
CVE-2016-5861
In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.
CVE-2016-6686
The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101.
CVE-2016-6689
Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347.
CVE-2016-6690
The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of service (reboot) via a crafted application, aka internal bug 28838221.
CVE-2016-6708
An elevation of privilege in the System UI in Android 7.0 before 2016-11-01 could enable a local malicious user to bypass the security prompt of your work profile in Multi-Window mode. This issue is rated as High because it is a local bypass of user interaction requirements for any developer or sec...
CVE-2016-6732
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which m...
CVE-2016-6742
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. An...
CVE-2016-6753
An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it fi...
CVE-2017-0401
An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive ...
CVE-2017-0503
An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...
CVE-2017-0529
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A....
CVE-2017-0578
An elevation of privilege vulnerability in the DTS sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID...
CVE-2017-0617
An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Andro...
CVE-2017-7373
In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.
CVE-2017-8254
In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid.
CVE-2017-8265
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free.
CVE-2017-9680
In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message.
CVE-2017-9685
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition.
CVE-2023-21325
In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21329
In Activity Manager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21372
In libdexfile, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21381
In Media Resource Manager, there is a possible local arbitrary code execution due to use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2014-9789
The (1) alloc and (2) free APIs in arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices do not validate parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749392 and Qualcomm int...
CVE-2014-9798
platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka Android internal bug 2...