Total
6434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-2067 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-08-04 | 9.3 HIGH | 7.8 HIGH |
drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993. | |||||
CVE-2016-5340 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-08-03 | 7.2 HIGH | 7.8 HIGH |
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name. | |||||
CVE-2016-2059 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-08-03 | 4.4 MEDIUM | 7.0 HIGH |
The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows attackers to gain privileges or cause a denial of service (race condition and list corruption) by making many BIND_CONTROL_PORT ioctl calls. | |||||
CVE-2016-2068 | 2 Google, Linux | 2 Android, Linux Kernel | 2020-07-31 | 6.8 MEDIUM | 7.8 HIGH |
The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609. | |||||
CVE-2017-13194 | 2 Debian, Google | 2 Debian Linux, Android | 2020-07-23 | 7.8 HIGH | 7.5 HIGH |
A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201. | |||||
CVE-2020-0120 | 1 Google | 1 Android | 2020-07-23 | 4.6 MEDIUM | 7.8 HIGH |
In notifyErrorForPendingRequests of QCamera3HWI.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-149995442 | |||||
CVE-2020-0122 | 1 Google | 1 Android | 2020-07-22 | 7.2 HIGH | 6.7 MEDIUM |
In the permission declaration for com.google.android.providers.gsf.permission.WRITE_GSERVICES in AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-147247775 | |||||
CVE-2020-0225 | 1 Google | 1 Android | 2020-07-22 | 10.0 HIGH | 9.8 CRITICAL |
In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142546668 | |||||
CVE-2020-0230 | 1 Google | 1 Android | 2020-07-21 | 7.5 HIGH | 9.8 CRITICAL |
There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156337262 | |||||
CVE-2020-0231 | 1 Google | 1 Android | 2020-07-21 | 7.5 HIGH | 9.8 CRITICAL |
There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156333727 | |||||
CVE-2017-0861 | 1 Google | 1 Android | 2020-07-14 | 4.6 MEDIUM | 7.8 HIGH |
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. | |||||
CVE-2020-15578 | 1 Google | 1 Android | 2020-07-10 | 2.1 LOW | 5.5 MEDIUM |
An issue was discovered on Samsung mobile devices with O(8.x) software. FactoryCamera does not properly restrict runtime permissions. The Samsung ID is SVE-2020-17270 (July 2020). | |||||
CVE-2020-15579 | 1 Google | 1 Android | 2020-07-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via the KNOX API. The Samsung ID is SVE-2020-17318 (July 2020). | |||||
CVE-2020-15580 | 1 Google | 1 Android | 2020-07-10 | 2.1 LOW | 5.5 MEDIUM |
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) by enrolling a new lock password. The Samsung ID is SVE-2020-17328 (July 2020). | |||||
CVE-2020-15577 | 1 Google | 1 Android | 2020-07-10 | 2.1 LOW | 5.5 MEDIUM |
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Cameralyzer allows attackers to write files to the SD card. The Samsung ID is SVE-2020-16830 (July 2020). | |||||
CVE-2020-15583 | 1 Google | 1 Android | 2020-07-10 | 2.1 LOW | 5.5 MEDIUM |
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. StickerProvider allows directory traversal for access to system files. The Samsung ID is SVE-2020-17665 (July 2020). | |||||
CVE-2020-0182 | 2 Debian, Google | 2 Debian Linux, Android | 2020-07-06 | 6.4 MEDIUM | 6.5 MEDIUM |
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147140917 | |||||
CVE-2020-0234 | 1 Google | 1 Android | 2020-06-22 | 4.6 MEDIUM | 7.8 HIGH |
In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148189280 | |||||
CVE-2020-0232 | 1 Google | 1 Android | 2020-06-22 | 7.5 HIGH | 9.8 CRITICAL |
Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it. A concurrent thread could retrieve created transfer object from the session object and delete it using abc_pcie_dma_user_xfer_clean. If this happens, abc_pcie_start_dma_xfer and abc_pcie_wait_dma_xfer in the original thread will trigger UAF when working with the transfer object.Product: AndroidVersions: Android kernelAndroid ID: A-151453714 | |||||
CVE-2020-0133 | 1 Google | 1 Android | 2020-06-17 | 4.4 MEDIUM | 7.3 HIGH |
In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145136060 |