Total
6434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3347 | 5 Adobe, Apple, Google and 2 more | 5 Flash Player, Mac Os X, Android and 2 more | 2013-08-21 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via PCM data that is not properly handled during resampling. | |||||
| CVE-2011-3918 | 1 Google | 1 Android | 2013-08-03 | 7.8 HIGH | N/A |
| The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service (reboot loop) via a crafted application. | |||||
| CVE-2013-3642 | 2 Adgjm, Google | 2 Angel Browser, Android | 2013-06-16 | 4.3 MEDIUM | N/A |
| The Angel Browser application 1.47b and earlier for Android 1.6 through 2.1, 1.62b and earlier for Android 2.2 through 2.3.4, 1.68b and earlier for Android 3.0 through 4.0.3, and 1.76b and earlier for Android 4.1 through 4.2 does not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application. | |||||
| CVE-2013-0790 | 2 Google, Mozilla | 2 Android, Firefox | 2013-06-04 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in. | |||||
| CVE-2013-0798 | 2 Google, Mozilla | 2 Android, Firefox | 2013-06-04 | 4.3 MEDIUM | N/A |
| Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used. | |||||
| CVE-2013-2317 | 2 Fenrir-inc, Google | 2 Sleipnir Mobile, Android | 2013-06-03 | 5.8 MEDIUM | N/A |
| The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile Black Edition application 2.9.1 and earlier for Android allow remote attackers to spoof the address bar via vectors involving the opening of a new window. | |||||
| CVE-2013-3666 | 2 Google, Lg | 2 Android, Optimus G E973 | 2013-05-30 | 7.2 HIGH | N/A |
| The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) to establish a USB connection, dialing 3845#*973#, modifying the WLAN Test Wi-Fi Ping Test/User Command tcpdump command string, and pressing the CANCEL button. | |||||
| CVE-2012-3987 | 2 Google, Mozilla | 2 Android, Firefox | 2013-05-03 | 4.0 MEDIUM | N/A |
| Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. | |||||
| CVE-2013-2304 | 2 Fenrir-inc, Google | 2 Sleipnir Mobile, Android | 2013-04-16 | 5.8 MEDIUM | N/A |
| The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile Black Edition application 2.8.0 and earlier for Android allow remote attackers to load arbitrary Extension APIs, and trigger downloads or obtain sensitive HTTP response-body information, via a crafted web page. | |||||
| CVE-2012-3979 | 2 Google, Mozilla | 4 Android, Firefox, Firefox Esr and 1 more | 2013-03-25 | 6.8 MEDIUM | N/A |
| Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function. | |||||
| CVE-2013-0630 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2013-03-05 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android 2.x and 3.x, and before 11.1.115.36 on Android 4.x; Adobe AIR before 3.5.0.1060; and Adobe AIR SDK before 3.5.0.1060 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-4016 | 2 Google, Justsystems | 2 Android, Atok | 2013-03-01 | 4.3 MEDIUM | N/A |
| The ATOK application before 1.0.4 for Android allows remote attackers to read the learning information file, and obtain sensitive input-string information, via a crafted application. | |||||
| CVE-2012-4017 | 2 Google, Jb\+ | 2 Android, Jigbrowser\+ | 2013-03-01 | 4.3 MEDIUM | N/A |
| The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | |||||
| CVE-2011-1352 | 1 Google | 1 Android | 2013-02-07 | 6.9 MEDIUM | N/A |
| The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device. | |||||
| CVE-2011-1350 | 1 Google | 1 Android | 2013-02-06 | 7.1 HIGH | N/A |
| The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device. | |||||
| CVE-2012-1249 | 2 Google, Lunascape | 2 Android, Ilunascape Android | 2013-01-03 | 5.0 MEDIUM | N/A |
| The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive stored information via a crafted application. | |||||
| CVE-2012-6301 | 1 Google | 1 Android | 2012-12-10 | 5.0 MEDIUM | N/A |
| The Browser application in Android 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted market: URI in the SRC attribute of an IFRAME element. | |||||
| CVE-2012-4909 | 1 Google | 2 Android, Chrome | 2012-09-14 | 4.3 MEDIUM | N/A |
| Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application. | |||||
| CVE-2012-4908 | 1 Google | 2 Android, Chrome | 2012-09-14 | 7.5 HIGH | N/A |
| Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. | |||||
| CVE-2012-4907 | 1 Google | 2 Android, Chrome | 2012-09-14 | 9.3 HIGH | N/A |
| Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page. | |||||