Total
6434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-9929 | 1 Google | 1 Android | 2017-06-09 | 9.3 HIGH | 7.8 HIGH |
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | |||||
CVE-2015-9005 | 1 Google | 1 Android | 2017-06-08 | 9.3 HIGH | 7.8 HIGH |
In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | |||||
CVE-2014-9945 | 1 Google | 1 Android | 2017-06-08 | 9.3 HIGH | 7.8 HIGH |
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | |||||
CVE-2014-9947 | 1 Google | 1 Android | 2017-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist. | |||||
CVE-2014-9948 | 1 Google | 1 Android | 2017-06-08 | 9.3 HIGH | 7.8 HIGH |
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist. | |||||
CVE-2015-9007 | 1 Google | 1 Android | 2017-06-08 | 9.3 HIGH | 7.8 HIGH |
In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. | |||||
CVE-2014-9949 | 1 Google | 1 Android | 2017-06-08 | 9.3 HIGH | 7.8 HIGH |
In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. | |||||
CVE-2014-9951 | 1 Google | 1 Android | 2017-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist. | |||||
CVE-2016-10297 | 1 Google | 1 Android | 2017-06-08 | 9.3 HIGH | 7.0 HIGH |
In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | |||||
CVE-2015-1529 | 1 Google | 1 Android | 2017-05-26 | 5.0 MEDIUM | 7.5 HIGH |
Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors. | |||||
CVE-2017-0625 | 1 Google | 1 Android | 2017-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-35142799. References: M-ALPS03161531. | |||||
CVE-2016-10274 | 1 Google | 1 Android | 2017-05-24 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901. | |||||
CVE-2016-10280 | 1 Google | 1 Android | 2017-05-24 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175767. References: M-ALPS02696445. | |||||
CVE-2016-10281 | 1 Google | 1 Android | 2017-05-24 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175647. References: M-ALPS02696475. | |||||
CVE-2016-10282 | 1 Google | 1 Android | 2017-05-24 | 7.6 HIGH | 7.0 HIGH |
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189. | |||||
CVE-2017-0590 | 1 Google | 1 Android | 2017-05-19 | 9.3 HIGH | 7.8 HIGH |
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35039946. | |||||
CVE-2017-0587 | 1 Google | 1 Android | 2017-05-19 | 9.3 HIGH | 7.8 HIGH |
A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35219737. | |||||
CVE-2017-0589 | 1 Google | 1 Android | 2017-05-19 | 9.3 HIGH | 7.8 HIGH |
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34897036. | |||||
CVE-2017-0591 | 1 Google | 1 Android | 2017-05-19 | 9.3 HIGH | 7.8 HIGH |
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34097672. | |||||
CVE-2017-0602 | 1 Google | 1 Android | 2017-05-19 | 4.3 MEDIUM | 5.5 MEDIUM |
An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34946955. |