Total
7791 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-0808 | 1 Google | 1 Android | 2017-10-12 | 5.0 MEDIUM | 7.5 HIGH |
An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183. | |||||
CVE-2015-0874 | 3 Apple, Google, Okb | 3 Iphone Os, Android, Smart Passbook | 2017-10-10 | 4.3 MEDIUM | 5.9 MEDIUM |
Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted certificate. | |||||
CVE-2015-1526 | 1 Google | 1 Android | 2017-10-06 | 7.1 HIGH | 5.5 MEDIUM |
The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. | |||||
CVE-2015-1537 | 1 Google | 1 Android | 2017-10-06 | 9.3 HIGH | 7.8 HIGH |
Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. | |||||
CVE-2016-5853 | 1 Google | 1 Android | 2017-09-29 | 7.6 HIGH | 7.0 HIGH |
In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value. | |||||
CVE-2015-1528 | 1 Google | 1 Android | 2017-09-29 | 9.3 HIGH | N/A |
Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service (Binder heap memory corruption) via a crafted application, aka internal bug 19334482. | |||||
CVE-2015-1474 | 1 Google | 1 Android | 2017-09-29 | 10.0 HIGH | N/A |
Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values. | |||||
CVE-2016-5868 | 1 Google | 1 Android | 2017-09-28 | 7.6 HIGH | 7.0 HIGH |
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. | |||||
CVE-2017-11040 | 1 Google | 1 Android | 2017-09-26 | 4.3 MEDIUM | 5.5 MEDIUM |
In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to. | |||||
CVE-2017-11001 | 1 Google | 1 Android | 2017-09-26 | 4.3 MEDIUM | 5.5 MEDIUM |
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read. | |||||
CVE-2017-10996 | 1 Google | 1 Android | 2017-09-26 | 7.1 HIGH | 5.5 MEDIUM |
In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory violation/out of bounds access. | |||||
CVE-2017-9676 | 1 Google | 1 Android | 2017-09-26 | 2.6 LOW | 4.7 MEDIUM |
In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock. | |||||
CVE-2015-1527 | 1 Google | 1 Android | 2017-09-21 | 4.6 MEDIUM | 7.8 HIGH |
Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. | |||||
CVE-2015-3829 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted MPEG-4 covr atoms with a size equal to SIZE_MAX, aka internal bug 20923261. | |||||
CVE-2015-3828 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted 3GPP metadata, aka internal bug 20923261, a related issue to CVE-2015-3826. | |||||
CVE-2015-3827 | 1 Google | 1 Android | 2017-09-21 | 9.3 HIGH | N/A |
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261. | |||||
CVE-2015-3826 | 1 Google | 1 Android | 2017-09-21 | 5.0 MEDIUM | N/A |
The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to cause a denial of service (integer underflow, buffer over-read, and mediaserver process crash) via crafted 3GPP metadata, aka internal bug 20923261, a related issue to CVE-2015-3828. | |||||
CVE-2015-3824 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via a crafted MPEG-4 tx3g atom, aka internal bug 20923261. | |||||
CVE-2015-1539 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493. | |||||
CVE-2015-1538 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related issue to CVE-2015-4496. |