Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0557 | 1 Google | 1 Android | 2017-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34093073. | |||||
| CVE-2017-0558 | 1 Google | 1 Android | 2017-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34056274. | |||||
| CVE-2017-0559 | 1 Google | 1 Android | 2017-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33897722. | |||||
| CVE-2017-0560 | 1 Google | 1 Android | 2017-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in the factory reset process could enable a local malicious attacker to access data from the previous owner. This issue is rated as Moderate due to the possibility of bypassing device protection. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-30681079. | |||||
| CVE-2004-2475 | 1 Google | 1 Toolbar | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability. | |||||
| CVE-2015-9020 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. | |||||
| CVE-2015-9021 | 1 Google | 1 Android | 2017-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled. | |||||
| CVE-2015-9022 | 1 Google | 1 Android | 2017-07-07 | 7.6 HIGH | 7.0 HIGH |
| In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs. | |||||
| CVE-2015-9023 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. | |||||
| CVE-2015-9024 | 1 Google | 1 Android | 2017-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. | |||||
| CVE-2015-9025 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. | |||||
| CVE-2015-9026 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
| CVE-2015-9027 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
| CVE-2015-9028 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine. | |||||
| CVE-2015-9029 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory. | |||||
| CVE-2015-9030 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication. | |||||
| CVE-2015-9031 | 1 Google | 1 Android | 2017-07-07 | 4.3 MEDIUM | 3.3 LOW |
| In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP. | |||||
| CVE-2015-9032 | 1 Google | 1 Android | 2017-07-07 | 4.3 MEDIUM | 3.3 LOW |
| In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications. | |||||
| CVE-2015-9033 | 1 Google | 1 Android | 2017-07-07 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer. | |||||
| CVE-2016-10332 | 1 Google | 1 Android | 2017-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications. | |||||