Lucene search

1454 matches found

added 2017/12/05 5:29 p.m., 35 views

CVE-2017-9722

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when updating custom EDID (hdmi_tx_sysfs_wta_edid), if edid_size, which is controlled by userspace, is too large, a buffer overflow occurs.

7.8 CVSS, 7.4 AI score, 0.00017 EPSS

added 2018/09/18 6:29 p.m., 35 views

CVE-2018-11278

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault.

7.1 CVSS, 6.8 AI score, 0.00015 EPSS

added 2018/09/18 6:29 p.m., 35 views

CVE-2018-11302

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN.

7.8 CVSS, 7.6 AI score, 0.00018 EPSS

added 2018/09/18 6:29 p.m., 35 views

CVE-2018-11832

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow.

7.8 CVSS, 7.5 AI score, 0.00019 EPSS

added 2018/09/19 2:29 p.m., 35 views

CVE-2018-11883

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in policy mgr unit test if mode parameter in wlan function is given an out of bound value it can cause an out of bound access while accessing the PCL table.

7.8 CVSS, 7.4 AI score, 0.00015 EPSS

added 2018/11/27 6:0 p.m., 35 views

CVE-2018-11919

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a potential heap overflow and memory corruption due to improper error handling in SOC infrastructure.

7.8 CVSS, 7.7 AI score, 0.00046 EPSS

added 2018/12/20 3:29 p.m., 35 views

CVE-2018-11961

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possibility of accessing an out of bound vector index when updating some GNSS configurations.

7.8 CVSS, 7.4 AI score, 0.00019 EPSS

added 2019/02/11 3:29 p.m., 35 views

CVE-2018-11962

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a use-after-free issue in heap while loading audio effects config in audio effects factory.

7.8 CVSS, 5.9 AI score, 0.00022 EPSS

added 2018/05/17 10:29 p.m., 35 views

CVE-2018-3568

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.

7.8 CVSS, 7.3 AI score, 0.00018 EPSS

added 2018/07/06 5:29 p.m., 35 views

CVE-2018-3577

While processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

7.5 CVSS, 7.5 AI score, 0.0023 EPSS

added 2018/04/03 5:29 p.m., 35 views

CVE-2018-3584

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnet_usb_ctrl_init().

7.5 CVSS, 7.2 AI score, 0.00145 EPSS

added 2018/06/15 3:29 p.m., 35 views

CVE-2018-5857

In the WCD CPE codec, a Use After Free condition can occur in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

7.8 CVSS, 7.3 AI score, 0.00021 EPSS

added 2018/07/06 7:29 p.m., 35 views

CVE-2018-5859

Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur.

7 CVSS, 6.4 AI score, 0.00024 EPSS

added 2018/07/06 7:29 p.m., 35 views

CVE-2018-5862

In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, when SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES are parsed, a buffer overwrite can potentially occur.

7.8 CVSS, 7.3 AI score, 0.00027 EPSS

added 2018/11/27 6:0 p.m., 35 views

CVE-2018-5919

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a use after free issue in WLAN host driver can lead to device reboot.

7.8 CVSS, 7.4 AI score, 0.00018 EPSS

added 2018/10/02 7:29 p.m., 35 views

CVE-2018-9513

In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111081202 Re...

7.8 CVSS, 7.7 AI score, 0.00018 EPSS

added 2020/01/06 6:15 p.m., 35 views

CVE-2019-9470

In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-...

6.7 CVSS, 7 AI score, 0.00015 EPSS

added 2021/03/10 5:15 p.m., 35 views

CVE-2021-0450

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-1751...

4.4 CVSS, 4.3 AI score, 0.00016 EPSS

added 2021/03/10 5:15 p.m., 35 views

CVE-2021-0454

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-175117...

7.2 CVSS, 6.7 AI score, 0.00014 EPSS

added 2021/06/11 5:15 p.m., 35 views

CVE-2021-0491

In memory management driver, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android SoC Android I...

7.8 CVSS, 7.7 AI score, 0.00013 EPSS

added 2021/06/21 5:15 p.m., 35 views

CVE-2021-0528

In memory management driver, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android SoC Android ID: A-185195266

7.8 CVSS, 7.8 AI score, 0.00016 EPSS

added 2017/06/06 2:29 p.m., 34 views

CVE-2014-9949

In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist.

9.3 CVSS, 7.2 AI score, 0.00035 EPSS

added 2018/04/04 6:29 p.m., 34 views

CVE-2014-9956

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36389611.

10 CVSS, 8.7 AI score, 0.00585 EPSS

added 2018/04/04 6:29 p.m., 34 views

CVE-2014-9959

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36383694.

10 CVSS, 8.7 AI score, 0.00585 EPSS

added 2018/04/04 6:29 p.m., 34 views

CVE-2016-10232

An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34386696. References: QC-CR#1024872.

9.3 CVSS, 8 AI score, 0.00065 EPSS

added 2018/01/23 1:29 a.m., 34 views

CVE-2016-5345

Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713.

7 CVSS, 7.6 AI score, 0.0006 EPSS

added 2018/01/12 11:29 p.m., 34 views

CVE-2017-13219

A denial of service vulnerability in the Upstream kernel synaptics touchscreen controller. Product: Android. Versions: Android kernel. Android ID: A-62800865.

7.5 CVSS, 6.9 AI score, 0.00158 EPSS

added 2018/01/10 10:29 p.m., 34 views

CVE-2017-14870

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked.

7.5 CVSS, 7.1 AI score, 0.00117 EPSS

added 2018/03/30 9:29 p.m., 34 views

CVE-2017-14877

While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. If one thread sends an ioctl cmd IPA_IOC_QUERY_RT_TBL_INDEX while another sends an ioctl cmd IPA_IOC_DEL_RT_RULE, a use-after-free ...

9.8 CVSS, 9.1 AI score, 0.00208 EPSS

added 2017/12/05 7:29 p.m., 34 views

CVE-2017-14914

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.

10 CVSS, 7.7 AI score, 0.00106 EPSS

added 2017/12/05 5:29 p.m., 34 views

CVE-2017-15813

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overflow can occur while reading firmware logs.

9.8 CVSS, 8.9 AI score, 0.00177 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2017-15818

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size.

7.8 CVSS, 8.1 AI score, 0.00025 EPSS

added 2018/01/10 10:29 p.m., 34 views

CVE-2017-15845

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation.

7.8 CVSS, 7.3 AI score, 0.00027 EPSS

added 2018/01/10 10:29 p.m., 34 views

CVE-2017-15847

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the SPCom kernel driver, a race condition exists when creating a channel.

7 CVSS, 6.5 AI score, 0.00022 EPSS

added 2018/06/12 8:29 p.m., 34 views

CVE-2017-15854

The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD ...

7.8 CVSS, 7.5 AI score, 0.00019 EPSS

added 2017/12/06 6:29 p.m., 34 views

CVE-2017-6262

NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID: A-38045794...

7 CVSS, 7.1 AI score, 0.00025 EPSS

added 2018/04/04 6:29 p.m., 34 views

CVE-2017-6425

An information disclosure vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-32577085. References: QC-CR#1103689.

4.3 CVSS, 4.7 AI score, 0.00107 EPSS

added 2018/01/10 10:29 p.m., 34 views

CVE-2017-9689

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message can be used to cause stack memory corruption.

7.8 CVSS, 7 AI score, 0.00042 EPSS

added 2018/01/10 10:29 p.m., 34 views

CVE-2017-9705

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping ...

7.8 CVSS, 7.1 AI score, 0.00028 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11270

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated with devm_kzalloc is automatically released by the kernel if the probe function fails with an error code. This may result in data corruption.

7.8 CVSS, 7.3 AI score, 0.00027 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11280

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max allowed size, memory exhaustion will occur.

5.5 CVSS, 5.4 AI score, 0.00035 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11281

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after free condition will...

7.8 CVSS, 7.7 AI score, 0.00026 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11286

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the global variable "debug_client" in a multi-threaded manner, a use after free issue occurs.

7.8 CVSS, 7.7 AI score, 0.00021 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11295

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host. If the length and anqp length from this event data exceed the max length, an OOB write would happen.

7.8 CVSS, 7.4 AI score, 0.00022 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11298

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing SET_PASSPOINT_LIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. This may lead to buffer overflow as strlen ...

7.8 CVSS, 7.7 AI score, 0.00028 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11300

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a callback executed from the other thread has freed memory which is also used in wlan function and may result in a "Use after free" scenario.

7.8 CVSS, 7.3 AI score, 0.00031 EPSS

added 2018/09/18 6:29 p.m., 34 views

CVE-2018-11843

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on return value in WMA response handler can lead to potential use after free.

7.8 CVSS, 8 AI score, 0.00018 EPSS

added 2018/09/19 2:29 p.m., 34 views

CVE-2018-11886

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then a buffer overflow in WLAN function.

7.8 CVSS, 7.6 AI score, 0.00016 EPSS

added 2018/11/27 6:0 p.m., 34 views

CVE-2018-11907

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue.

7.8 CVSS, 7.3 AI score, 0.00014 EPSS

added 2018/11/27 6:0 p.m., 34 views

CVE-2018-11995

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image.

7.8 CVSS, 8 AI score, 0.00039 EPSS

Total number of security vulnerabilities: 1454