Lucene search

K

50 matches found

CVE
CVE
added 2017/10/03 1:29 a.m.785 views

CVE-2017-14496

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

7.8CVSS8.1AI score0.15737EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.54 views

CVE-2017-0806

An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805.

9.3CVSS7.4AI score0.01494EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.54 views

CVE-2017-9714

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNIE is received from the client in assoc request.

7.8CVSS7.2AI score0.00019EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.51 views

CVE-2017-11067

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the Athdiag procfs entry does not have a proper address sanity check which may potentially lead to the use of an out-of-range pointer offset.

7.8CVSS7.1AI score0.00019EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.50 views

CVE-2017-0807

An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.

10CVSS8AI score0.02479EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.50 views

CVE-2017-11061

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing cfg80211 vendor sub command QCA_NL80211_VENDOR_SUBCMD_ROAM, a buffer over-read can occur.

7.5CVSS7.1AI score0.00111EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.49 views

CVE-2017-11060

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in ...

7.5CVSS7.3AI score0.00111EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.49 views

CVE-2017-11062

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently attributes are not validated in __wlan_hdd_cfg80211_do_acs which can potentially lead to a buffer overread.

7.5CVSS7.1AI score0.00111EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.47 views

CVE-2017-0809

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128.

9.3CVSS7.7AI score0.0084EPSS
CVE
CVE
added 2017/10/18 2:29 p.m.44 views

CVE-2014-3164

cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths.

7.5CVSS7.1AI score0.00312EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.44 views

CVE-2017-0817

An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430.

7.5CVSS6.8AI score0.00233EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.44 views

CVE-2017-11052

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_NDP cfg80211 vendor command a buffer over-read can occur.

7.5CVSS7.1AI score0.00111EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.43 views

CVE-2017-0820

A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187433.

7.8CVSS7.2AI score0.00599EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.43 views

CVE-2017-0822

An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.

9.8CVSS8.4AI score0.00134EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.43 views

CVE-2017-11053

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame().

7.8CVSS7.5AI score0.00057EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0810

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066.

9.3CVSS7.7AI score0.00908EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0812

An elevation of privilege vulnerability in the Android media framework (audio hal). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231.

9.3CVSS7.3AI score0.00048EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0815

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567.

5.5CVSS5AI score0.00154EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0826

An elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-34949781.

9.3CVSS7.4AI score0.00088EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0827

An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-ALPS03353867, M-ALPS03353872.

9.3CVSS7.4AI score0.00088EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.42 views

CVE-2017-11055

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur.

7.5CVSS7AI score0.00111EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.42 views

CVE-2017-11059

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow.

7.8CVSS7.2AI score0.0002EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.41 views

CVE-2017-0824

An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001.

9.8CVSS8AI score0.00144EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.41 views

CVE-2017-0829

An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044.

9.8CVSS8AI score0.00144EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.41 views

CVE-2017-11063

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur.

5.9CVSS5.8AI score0.00113EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.40 views

CVE-2017-0811

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177.

9.3CVSS7.7AI score0.00996EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.40 views

CVE-2017-0814

An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62800140.

7.8CVSS6.8AI score0.00834EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.40 views

CVE-2017-0816

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63662938.

5.5CVSS5AI score0.00154EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.40 views

CVE-2017-0819

A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63045918.

7.8CVSS7.2AI score0.00262EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.40 views

CVE-2017-9697

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table.

7CVSS6.7AI score0.00015EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.39 views

CVE-2017-11057

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel memory or a fault due to using a userspace-provided address.

7.8CVSS6.9AI score0.00019EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.39 views

CVE-2017-11064

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in ...

7.5CVSS7.3AI score0.00111EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.39 views

CVE-2017-9715

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur.

7.5CVSS7AI score0.00111EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.38 views

CVE-2017-0823

An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655.

7.5CVSS6.8AI score0.00282EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.38 views

CVE-2017-0825

An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37305633. References: B-V2017063002.

7.5CVSS6.8AI score0.00145EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.38 views

CVE-2017-11050

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when the pktlogconf tool gives a pktlog buffer of size less than the minimal possible source data size in the host driver, a buffer overflow can potentially occur.

7.8CVSS7.4AI score0.0002EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.38 views

CVE-2017-11051

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffer hb_params is not initialized to zero.

7.5CVSS6.8AI score0.00111EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.38 views

CVE-2017-11054

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.

7.5CVSS7AI score0.00111EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.38 views

CVE-2017-9683

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image offset and size values are too large.

7.8CVSS7.3AI score0.00016EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.37 views

CVE-2017-0808

An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183.

7.5CVSS6.8AI score0.00161EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.37 views

CVE-2017-0813

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36531046.

7.5CVSS6.9AI score0.00376EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.37 views

CVE-2017-11046

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentially occur.

7.8CVSS7.1AI score0.00019EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.37 views

CVE-2017-11056

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault.

7.8CVSS7.1AI score0.00019EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.36 views

CVE-2017-0828

An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855.

9.8CVSS8AI score0.00144EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.36 views

CVE-2017-9686

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used.

7.8CVSS7.3AI score0.00022EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.36 views

CVE-2017-9706

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver.

7.8CVSS7.1AI score0.00019EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.35 views

CVE-2017-9687

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in ipc_log_context_destroy(). Another issue is...

7.8CVSS7AI score0.00022EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.34 views

CVE-2017-0818

A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63581671.

7.8CVSS7.2AI score0.00262EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.34 views

CVE-2017-11048

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a display driver function, a Use After Free condition can occur.

7.8CVSS7.2AI score0.00022EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.33 views

CVE-2017-9717

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.

7.5CVSS7.2AI score0.00111EPSS