Android@5.1 Security Vulnerabilities and Issues — Android@5.1 CVE List

Lucene search

GoogleAndroid5.1

41 matches found

CVE•added 2020/04/08 3:15 p.m.•45 views

CVE-2018-21087

An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).

9.8CVSS9.7AI score0.00159EPSS

CVE•added 2020/04/07 2:15 p.m.•44 views

CVE-2016-11039

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (AP + CP MDM9x35, or Qualcomm Onechip) software. There is a NULL pointer dereference issue in the IPC socket code. The Samsung ID is SVE-2016-5980 (July 2016).

7.8CVSS7.6AI score0.00125EPSS

CVE•added 2020/04/07 4:15 p.m.•44 views

CVE-2017-18653

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017).

4.3CVSS4.7AI score0.00088EPSS

CVE•added 2020/04/07 4:15 p.m.•43 views

CVE-2017-18682

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 (March 2017).

7.8CVSS7.5AI score0.00125EPSS

CVE•added 2020/04/07 1:15 p.m.•42 views

CVE-2016-11052

An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. je_free in libQjpeg.so in Qjpeg in Qt 5.5 allows memory corruption via a malformed JPEG file. The Samsung ID is SVE-2015-5110 (January 2016).

7.8CVSS7.7AI score0.00061EPSS

CVE•added 2020/04/07 1:15 p.m.•41 views

CVE-2016-11044

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. The check of an application's signature can be bypassed during installation. The Samsung ID is SVE-2016-5923 (June 2016).

7.8CVSS7.6AI score0.00009EPSS

CVE•added 2020/04/07 4:15 p.m.•41 views

CVE-2017-18670

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. android.intent.action.SIOP_LEVEL_CHANGED allows a serializable intent reboot. The Samsung ID is SVE-2017-8363 (May 2017).

7.5CVSS7.5AI score0.00113EPSS

CVE•added 2020/04/07 4:15 p.m.•41 views

CVE-2017-18680

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (tablets) software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 (March 2017).

7.1CVSS6.9AI score0.00019EPSS

CVE•added 2020/04/07 4:15 p.m.•41 views

CVE-2017-18683

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows Hare Hunting during application installation. The Samsung ID is SVE-2016-6942 (February 2017).

9.8CVSS9.4AI score0.00147EPSS

CVE•added 2020/08/31 9:15 p.m.•41 views

CVE-2020-25064

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 (August 2020).

7.5CVSS7.5AI score0.00092EPSS

CVE•added 2020/04/07 1:15 p.m.•40 views

CVE-2016-11045

An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 (May 2016).

7.8CVSS7.8AI score0.00061EPSS

CVE•added 2020/04/07 4:15 p.m.•40 views

CVE-2017-18690

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).

9.8CVSS9.7AI score0.00159EPSS

CVE•added 2020/04/07 2:15 p.m.•39 views

CVE-2016-11026

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. BootReceiver allows attackers to trigger a system crash because of incorrect exception handling. The Samsung ID is SVE-2016-7118 (December 2016).

7.8CVSS7.5AI score0.00125EPSS

CVE•added 2020/04/07 1:15 p.m.•39 views

CVE-2016-11042

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 (June 2016).

7.5CVSS7.6AI score0.00114EPSS

CVE•added 2020/04/07 4:15 p.m.•39 views

CVE-2017-18648

An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 (November 2017).

9.1CVSS8.9AI score0.0012EPSS

CVE•added 2020/04/07 4:15 p.m.•39 views

CVE-2017-18671

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 (May 2017).

7.5CVSS7.5AI score0.00113EPSS

CVE•added 2020/04/07 2:15 p.m.•38 views

CVE-2016-11030

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (with Hrm sensor support) software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-734...

8.1CVSS8.1AI score0.00123EPSS

CVE•added 2020/04/08 2:15 p.m.•38 views

CVE-2017-18644

An issue was discovered on Samsung mobile devices with L(5.1), M(6.x), and N(7.x) software. There is a muic_set_reg_sel heap-based buffer overflow during the reading of MUIC register values. The Samsung ID is SVE-2017-10011 (December 2017).

9.8CVSS9.7AI score0.00199EPSS

CVE•added 2020/04/07 4:15 p.m.•38 views

CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017).

5.3CVSS5.3AI score0.0011EPSS

CVE•added 2020/04/07 4:15 p.m.•38 views

CVE-2017-18666

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 (June 2017).

7.5CVSS7.6AI score0.00081EPSS

CVE•added 2020/04/07 4:15 p.m.•38 views

CVE-2017-18684

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows provider seizure via an application that uses a custom provider. The Samsung ID is SVE-2016-6942 (February 2017).

9.8CVSS9.3AI score0.00147EPSS

CVE•added 2020/04/07 4:15 p.m.•38 views

CVE-2017-18685

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 (February 2017).

7.8CVSS7.5AI score0.00125EPSS

CVE•added 2020/04/07 4:15 p.m.•38 views

CVE-2017-18687

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. An attacker can obtain the full pathnames of sdcard files by reading the system protected log upon reception of a certain intent. The Samsung ID is SVE-2016-7183 (January 2017).

5.3CVSS5.4AI score0.00091EPSS

CVE•added 2020/04/07 2:15 p.m.•37 views

CVE-2016-11034

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. The decode function in Qjpeg in Qt 5.7 allows attackers to trigger a system crash via a malformed image. The Samsung ID is SVE-2016-6560 (October 2016).

7.1CVSS6.4AI score0.00106EPSS

CVE•added 2020/04/07 1:15 p.m.•37 views

CVE-2016-11048

An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March 2016).

4.6CVSS4.8AI score0.00019EPSS

CVE•added 2020/04/07 4:15 p.m.•37 views

CVE-2017-18664

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017).

7.5CVSS7.5AI score0.00114EPSS

CVE•added 2020/04/07 4:15 p.m.•37 views

CVE-2017-18672

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framework.jar. The Samsung ID is SVE-2017-8390 (May 2017).

5.5CVSS5.5AI score0.00015EPSS

CVE•added 2020/04/07 4:15 p.m.•37 views

CVE-2017-18678

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-20...

7.5CVSS7.5AI score0.00113EPSS

CVE•added 2020/04/07 2:15 p.m.•36 views

CVE-2016-11031

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016).

7.8CVSS7.6AI score0.00125EPSS

CVE•added 2020/04/07 2:15 p.m.•36 views

CVE-2016-11040

An issue was discovered on Samsung mobile devices with L(5.0/5.1) (with USB OTG MyFile2014_L_ESS support) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5068 (June 2016).

4.6CVSS4.8AI score0.00019EPSS

CVE•added 2020/04/07 4:15 p.m.•36 views

CVE-2017-18667

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can prevent users from learning that SMS storage space has been exhausted. The Samsung ID is SVE-2017-8702 (June 2017).

5CVSS4.8AI score0.00097EPSS

CVE•added 2020/04/07 2:15 p.m.•35 views

CVE-2016-11029

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. Attackers can read the password of the Mobile Hotspot in the log because of an unprotected intent. The Samsung ID is SVE-2016-7301 (December 2016).

7.5CVSS7.6AI score0.00114EPSS

CVE•added 2020/04/07 4:15 p.m.•35 views

CVE-2017-18688

An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.0) software. There is an information disclosure (of memory locations outside a buffer) via /dev/dsm_ctrl_dev. The Samsung ID is SVE-2016-7340 (January 2017).

7.5CVSS7.3AI score0.00123EPSS

CVE•added 2020/04/08 3:15 p.m.•34 views

CVE-2018-21086

An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant double free in vnswap_init_backing_storage. The Samsung ID is SVE-2017-11177 (February 2018).

8.1CVSS8.1AI score0.00114EPSS

CVE•added 2020/08/31 9:15 p.m.•34 views

CVE-2020-25065

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Key logging may occur because of an obsolete API. The LG ID is LVE-SMP-170010 (August 2020).

7.8CVSS7.5AI score0.00118EPSS

CVE•added 2020/04/07 1:15 p.m.•33 views

CVE-2016-11046

An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 (May 2016).

7.5CVSS7.5AI score0.00092EPSS

CVE•added 2020/04/08 6:15 p.m.•33 views

CVE-2018-21079

An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018).

7.5CVSS7.4AI score0.00123EPSS

CVE•added 2020/04/08 3:15 p.m.•33 views

CVE-2018-21085

An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant use-after-free in vnswap_deinit_backing_storage. The Samsung ID is SVE-2017-11176 (February 2018).

8.1CVSS8.1AI score0.00134EPSS

CVE•added 2020/04/08 3:15 p.m.•32 views

CVE-2018-21084

An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.x) software. There is a race condition with a resultant read-after-free issue in get_kek. The Samsung ID is SVE-2017-11174 (February 2018).

8.1CVSS8AI score0.00114EPSS

CVE•added 2020/04/07 2:15 p.m.•31 views

CVE-2017-18693

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 2017).

9.8CVSS9.7AI score0.00159EPSS

CVE•added 2020/04/07 2:15 p.m.•28 views

CVE-2017-18695

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user's credentials, during an email account login, via an EAS autodiscover packet. The Samsung ID is SVE-2016-7654 (January 2017).

6.5CVSS6.5AI score0.00089EPSS