Lucene search
K

334 matches found

CVE
CVE
added 2017/08/18 6:0 p.m.43 views

CVE-2016-10384

CVE-2016-10384 affects Qualcomm products with Android CAF builds that use the Linux kernel and involve the WLAN driver ioctl. The underlying issue is a potentially reachable assertion in the WLAN driver ioctl, as described in the CVE entry. The Android Security Bulletin (April 2018) notes securit...

10CVSS8.7AI score0.00964EPSS
CVE
CVE
added 2017/08/16 3:0 p.m.43 views

CVE-2016-5855

CVE-2016-5855 affects the Qualcomm SPCom driver in Qualcomm AMSS/Android stacks. The root cause is a user‑supplied buffer being cast to a structure without validating the source buffer size, potentially leading to memory corruption or information exposure as described in the CVE entry. Connected ...

4.7CVSS5.4AI score0.00457EPSS
CVE
CVE
added 2017/08/16 3:0 p.m.43 views

CVE-2016-5858

CVE-2016-5858: A vulnerability in the ioctl handler of Qualcomm components used in Android for MSM, Firefox OS for MSM, and QRD Android. If a user supplies a value that is too large, it can cause an out-of-bounds read, leading to potential information disclosure. The description specifies the aff...

4.7CVSS5.3AI score0.00544EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.43 views

CVE-2017-8233

CVE-2017-8233 : This vulnerability affects Android CAF camera driver code on all CAF Android releases using the Linux kernel. The issue is a missing bounds check when writing into an array, which can lead to an out-of-bounds heap write. The provided documents do not specify affected product versi...

9.3CVSS7.4AI score0.00363EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.43 views

CVE-2017-8272

CVE-2017-8272 affects Qualcomm components in Android CAF builds using the Linux kernel. In a driver function, a value supplied from userspace is not properly validated, potentially causing an out-of-bounds heap write. The vulnerability is described as a kernel-level issue with the potential for m...

7.8CVSS7.2AI score0.00356EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.43 views

CVE-2023-21303

CVE-2023-21303 is an information-disclosure flaw affecting Android where an attacker can infer whether an app is installed via a side channel without query permissions. It enables local information leakage with no user interaction and requires only local access. Android 14 release notes indicate ...

5.5CVSS5.6AI score0.00091EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.43 views

CVE-2023-21316

CVE-2023-21316 affects Google Android: an information-disclosure side channel in content that lets an app determine whether another app is installed without query permissions. Local attack with no user interaction; no explicit exploit details or affected versions are provided in the documents. Re...

5.5CVSS5.6AI score0.00086EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.42 views

CVE-2014-9963

CVE-2014-9963 describes a buffer overflow in WideVine DRM present in Android CAF builds using the Linux kernel. The connected sources confirm a DRM component buffer overflow, implying potential arbitrary code execution under certain conditions, with CVSS indicating HIGH severity (local access, us...

9.3CVSS7.7AI score0.00625EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.42 views

CVE-2014-9965

Technical details about CVE-2014-9965 are not publicly available in the provided connected documents. The descriptions restate the parsing issue in Android CAF/Linux SCM call handling; monitor for updates from the cited sources.

9.3CVSS7.5AI score0.00599EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2014-9977

CVE-2014-9977 describes a buffer overflow in the PlayReady DRM within Qualcomm closed‑source components used by Android CAF on Linux, enabling potential arbitrary code execution or denial of service as described in linked CNVD/NVD entries. Affected: Qualcomm PlayReady DRM in Android CAF/Linux ker...

10CVSS8.1AI score0.00904EPSS
CVE
CVE
added 2017/05/16 2:0 p.m.42 views

CVE-2015-9003

In CVE-2015-9003, a cryptographic issue in TrustZone could potentially affect all Android releases from CAF using the Linux kernel. The connected documents identify TrustZone/Android CAF/Linux kernel as the affected area, but do not provide detailed root cause, affected subcomponents, specific vu...

9.3CVSS7.4AI score0.00578EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2015-9039

Summary: CVE-2015-9039 affects the Qualcomm eMBMS component in Android CAF builds that use the Linux kernel. The root cause is an assertion that can be reached by a sequence of downlink messages in eMBMS, enabling a potential unauthorized operation. The vulnerability has a high/critical impact pr...

10CVSS7.8AI score0.00836EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2015-9046

Technical details about CVE-2015-9046 are not publicly provided in the supplied documents. No specific impact, affected products, or fixes are disclosed here. Monitor for updates.

10CVSS7.7AI score0.00836EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2015-9050

CVE-2015-9050 describes an out-of-bounds access during a CA call in Qualcomm CAF Android/Linux kernel components. The NVD entry assigns CRITICAL risk (CVSS3: 9.8) with network attack vector and no user interaction. Connected documents refer to Qualcomm/Android out-of-bounds issues but do not prov...

10CVSS7.8AI score0.00836EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2015-9052

CVE-2015-9052 affects Qualcomm components in Android CAF builds using the Linux kernel LTE stack; the issue is an assertion that can be reached while processing a downlink message. The provided documents do not specify affected product versions, exact root cause details, exploit status, or availa...

10CVSS7.8AI score0.00836EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2016-10382

CVE-2016-10382 affects Qualcomm products running CAF Android builds on the Linux kernel. The issue is insufficient access control for the I2C bus, enabling potential improper access. Public details consistently describe it as a high-severity vulnerability with a CVSSv3 base score of 9.8 (CRITICAL...

10CVSS7.8AI score0.00805EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2016-5872

CVE-2016-5872 affects Qualcomm components in Android CAF builds that use the Linux kernel, where arguments to several QTEE syscalls are not properly validated. This could allow a crafted input to impact or compromise the kernel under affected conditions, with the CVSS indicating a high-severity, ...

10CVSS7.8AI score0.00836EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.42 views

CVE-2017-8238

CVE-2017-8238 affects Android CAF builds that use the Linux kernel, with a buffer overflow in a camera function. Documented impact indicates high severity (I/H/A) and local exploitability (CVSSv3: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H); CVSSv2 references network vector in that scheme. Connected rec...

9.3CVSS7.4AI score0.00354EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.42 views

CVE-2017-8253

CVE-2017-8253 affects Qualcomm components in Android CAF builds using the Linux kernel. The issue can allow kernel memory overwrite when an invalid master is sent from userspace, leading to elevation of privilege within the kernel context. The initial document lists it as a high-severity, EoP-typ...

9.3CVSS7.2AI score0.0046EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.42 views

CVE-2023-21311

CVE-2023-21311 describes an information-disclosure vulnerability in Android Settings where a permissions bypass could let a secondary user control private DNS settings. Exploitation is local (ATT&CK-like, not remote), requires no user interaction, and could disclose private information without ad...

5.5CVSS5.2AI score0.00084EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.41 views

CVE-2014-9978

CVE-2014-9978 (and related CNVD-2017-25680) describes a buffer overflow in the QTEE service of Qualcomm closed‑source components used by Android CAF/Linux kernels. The vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service within Qualcomm/Android enviro...

10CVSS8.1AI score0.00904EPSS
CVE
CVE
added 2017/06/13 8:0 p.m.41 views

CVE-2015-9021

CVE-2015-9021 describes a security issue where, in all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled. The entry lists a MEDIUM overall impact (CVSS2: AV:N/AC:M/Au:N/C:N/I:N/A:P; CVSS3: LOCAL, LOW/L, NONE to partial impacts) and indicates no public...

5.5CVSS5.8AI score0.00473EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.41 views

CVE-2023-21341

CVE-2023-21341 concerns Android’s Permission Manager, where a missing permission check can bypass required permissions, enabling local elevation of privilege. The issue is described as a local, low-privilege escalation with no user interaction required. Affected product/area: Android components r...

7.8CVSS7.8AI score0.00098EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.40 views

CVE-2015-9049

CVE-2015-9049 is corroborated by connected sources describing an input-validation vulnerability in Qualcomm’s closed‑source components (USIM handling) within Android CAF Linux environments. CNVD-2017-26834 outlines an unauthorized-operations flaw in the Qualcomm Android component causing remote e...

10CVSS7.8AI score0.00836EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.40 views

CVE-2023-21300

Summary: CVE-2023-21300 affects Android’s PackageManager and arises from a side-channel information disclosure that allows a local attacker to infer whether an app is installed without query permissions. This is described as a local information disclosure with no additional execution privileges r...

5.5CVSS5.6AI score0.00091EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.40 views

CVE-2023-21308

CVE-2023-21308 : In Composer, a missing bounds check allows an out-of-bounds read which could enable local escalation of privilege without user interaction. Exploitation details/affected versions are not disclosed in the provided documents. No patch/remediation information is included here. If ex...

5.5CVSS5.9AI score0.00086EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.39 views

CVE-2015-0574

CVE-2015-0574 is described in multiple sources as a file system input validation vulnerability in Qualcomm components used in Android CAF builds on the Linux kernel. The root cause is insufficient validation of filesystem access, which could enable an attacker to execute arbitrary code. Concrete ...

10CVSS8.8AI score0.00976EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.39 views

CVE-2015-9060

CVE-2015-9060 affects Qualcomm products with CAF Android builds using the Linux kernel. The issue is a pointer validation flaw in a QTEE system call, as described in the CVE description. The connected documents confirm the root cause (improper pointer validation) and the affected context (Qualcom...

10CVSS7.8AI score0.00836EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.38 views

CVE-2015-9038

CVE-2015-9038 affects Qualcomm closed‑source components in Android CAF builds using the Linux kernel. Description: a NULL pointer may be dereferenced in the front end, caused by NULL pointer usage in the vulnerable path. Root cause: NULL pointer dereference. Impact: potential crash or denial of s...

10CVSS7.8AI score0.00861EPSS
CVE
CVE
added 2017/08/16 3:0 p.m.38 views

CVE-2016-5862

CVE-2016-5862 affects Qualcomm-based Android for MSM codecs; the vulnerability arises when a codec control issued from userspace is cast to the container structure rather than the codec’s own structure. This type confusion can lead to a kernel crash and a subsequent device restart on affected Qua...

7.6CVSS6.8AI score0.00523EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.38 views

CVE-2023-21323

CVE-2023-21323 is an information-disclosure vulnerability in Android's Activity Manager that could let a local attacker determine whether an app is installed without query permissions. The issue stems from a side-channel disclosure, requiring no user interaction and no additional execution privil...

5.5CVSS5.6AI score0.00086EPSS
CVE
CVE
added 2023/10/30 4:56 p.m.38 views

CVE-2023-21345

CVE-2023-21345 is described as an information-disclosure issue in Android’s Game Manager Service where an attacker can determine if an app is installed without query permissions via a side-channel. The available documents indicate local exploitation with no user interaction and a low overall risk...

3.3CVSS4.4AI score0.00082EPSS
CVE
CVE
added 2017/08/18 6:0 p.m.37 views

CVE-2015-9043

CVE-2015-9043 is described in connected sources as a NULL pointer dereference vulnerability affecting Qualcomm components in Android CAF builds using the Linux kernel. The root cause, as stated, is a NULL pointer dereference on timer expiry, with impact described as high/critical in CVSS terms. T...

10CVSS7.8AI score0.00861EPSS
CVE
CVE
added 2025/08/06 4:23 a.m.18 views

CVE-2025-21024

Samsung Smart View before Android 16 is affected by CVE-2025-21024 due to the use of implicit intents for sensitive communication, enabling local attackers to access sensitive information through the affected component. The issue is described across multiple sources as a vulnerability in Smart Vi...

5.5CVSS6.2AI score0.00076EPSS
Total number of security vulnerabilities334