Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Android
Total 7791 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-13176 1 Google 1 Android 2018-01-29 9.3 HIGH 8.8 HIGH
In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68341964.
CVE-2017-13207 1 Google 1 Android 2018-01-26 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37564426.
CVE-2017-13205 1 Google 1 Android 2018-01-26 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64550583.
CVE-2017-13200 1 Google 1 Android 2018-01-26 5.0 MEDIUM 7.5 HIGH
An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526.
CVE-2017-13187 1 Google 1 Android 2018-01-26 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175.
CVE-2017-11079 1 Google 1 Android 2018-01-26 7.5 HIGH 9.8 CRITICAL
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size.
CVE-2017-14869 1 Google 1 Android 2018-01-26 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while performing update of FOTA partition, uninitialized data can be pushed to storage.
CVE-2017-14870 1 Google 1 Android 2018-01-26 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked.
CVE-2017-14873 1 Google 1 Android 2018-01-26 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the pp_pgc_get_config() graphics driver function, a kernel memory overwrite can potentially occur.
CVE-2017-15847 1 Google 1 Android 2018-01-26 4.4 MEDIUM 7.0 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the SPCom kernel driver, a race condition exists when creating a channel.
CVE-2017-15848 1 Google 1 Android 2018-01-26 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the fastrpc kernel driver, a buffer overflow vulnerability from userspace may potentially exist.
CVE-2017-15850 1 Google 1 Android 2018-01-26 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, userspace can read values from audio codec registers.
CVE-2017-9705 1 Google 1 Android 2018-01-26 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping and corrupting the next and previous pointers.
CVE-2017-9689 1 Google 1 Android 2018-01-26 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message can be used to cause stack memory corruption.
CVE-2017-11080 1 Google 1 Android 2018-01-26 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296.
CVE-2017-11081 1 Google 1 Android 2018-01-26 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can hold maximum 32 bytes but data more than 32 bytes can get copied.
CVE-2017-14879 1 Google 1 Android 2018-01-26 4.6 MEDIUM 8.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver.
CVE-2017-13185 1 Google 1 Android 2018-01-25 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471.
CVE-2017-13204 1 Google 1 Android 2018-01-25 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380237.
CVE-2017-13203 1 Google 1 Android 2018-01-25 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63122634.