VYPR

Android

by Google

CVEs (4,716)

  • CVE-2017-8280HigSep 21, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch.

  • CVE-2017-0785MedSep 14, 2017
    risk 0.46cvss 6.5epss 0.12

    A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698.

  • CVE-2017-0778HigSep 8, 2017
    risk 0.46cvss 7.1epss 0.00

    A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-62133227.

  • CVE-2017-9684HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition.

  • CVE-2017-8270HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.

  • CVE-2017-8267HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write.

  • CVE-2017-8266HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

  • CVE-2017-8265HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free.

  • CVE-2017-8262HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condition.

  • CVE-2015-0576HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.

  • CVE-2016-5867HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.

  • CVE-2016-5862HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel…

  • CVE-2016-5860HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.

  • CVE-2016-5859HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.

  • CVE-2016-5853HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value.

  • CVE-2017-6249HigJul 13, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product:…

  • CVE-2014-7953HigJul 7, 2017
    risk 0.46cvss 7.0epss 0.00

    Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script…

  • CVE-2017-6248HigJul 6, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product:…

  • CVE-2017-0649HigJun 14, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of…

  • CVE-2017-0636HigJun 14, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

Page 128 of 236