VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2016-0850HigApr 18, 2016
    risk 0.57cvss 8.8epss 0.01

    The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to bypass intended pairing restrictions via a crafted device, aka internal bug 26551752.

  • CVE-2023-38297HigApr 22, 2024
    risk 0.55cvss 8.4epss 0.01

    An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup…

  • CVE-2016-3748HigJul 11, 2016
    risk 0.55cvss 8.4epss 0.00

    The sockets subsystem in Android 6.x before 2016-07-01 allows attackers to bypass intended system-call restrictions via a crafted application that makes an ioctl call, aka internal bug 28171804.

  • CVE-2016-0848HigApr 18, 2016
    risk 0.55cvss 8.4epss 0.00

    Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to bypass private-storage file-access restrictions via a crafted application that changes a symlink target, as demonstrated by…

  • CVE-2016-0807HigFeb 7, 2016
    risk 0.55cvss 8.4epss 0.00

    The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394.

  • CVE-2016-0806HigFeb 7, 2016
    risk 0.55cvss 8.4epss 0.00

    The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453.

  • CVE-2018-5823HigApr 3, 2018
    risk 0.51cvss 7.8epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, improper buffer length validation in extscan hotlist event can lead to potential buffer overflow.

  • CVE-2016-3862HigSep 11, 2016
    risk 0.51cvss 7.8epss 0.02

    media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 does not properly interact with the use of static variables in libjhead_jni, which allows remote attackers to execute arbitrary code or cause a…

  • CVE-2016-3849HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.00

    The ION driver in Android before 2016-08-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28939740.

  • CVE-2016-3843HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.01

    Android before 2016-08-05 does not properly restrict code execution in a kernel context, which allows attackers to gain privileges via a crafted application, as demonstrated by the kernel performance subsystem and the Qualcomm performance component, aka Android internal bugs…

  • CVE-2016-3833HigAug 5, 2016
    risk 0.51cvss 7.8epss 0.00

    The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug…

  • CVE-2016-3807HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The serial peripheral interface driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28402196.

  • CVE-2016-3805HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek power management driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28333002 and MediaTek internal bug ALPS02694412.

  • CVE-2016-3771HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29007611 and MediaTek internal bug ALPS02703102.

  • CVE-2016-3758HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    Multiple buffer overflows in libdex/OptInvocation.cpp in DexClassLoader in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides a long filename, aka internal bug…

  • CVE-2016-3752HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    internal/app/ChooserActivity.java in the ChooserTarget service in Android 6.x before 2016-07-01 mishandles target security checks, which allows attackers to gain privileges via a crafted application, aka internal bug 28384423.

  • CVE-2014-9788HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR548872.

  • CVE-2016-0826HigMar 12, 2016
    risk 0.51cvss 7.8epss 0.01

    libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly…

  • CVE-2015-6637HigJan 6, 2016
    risk 0.51cvss 7.8epss 0.01

    The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013.

  • CVE-2026-46273HigJun 3, 2026
    risk 0.49cvss 8.6epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the…

Page 1 of 89