Android
by Google
CVEs (4,716)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7372 | Hig | 0.46 | 7.0 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location. | ||
| CVE-2017-7370 | Hig | 0.46 | 7.0 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. | ||
| CVE-2017-7368 | Hig | 0.46 | 7.0 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver. | ||
| CVE-2016-10339 | Hig | 0.46 | 7.1 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore. | ||
| CVE-2015-9022 | Hig | 0.46 | 7.0 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs. | ||
| CVE-2014-9966 | Hig | 0.46 | 7.0 | 0.00 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display. | ||
| CVE-2016-10297 | Hig | 0.46 | 7.0 | 0.00 | Jun 6, 2017 | In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | ||
| CVE-2014-9941 | Hig | 0.46 | 7.0 | 0.00 | Jun 6, 2017 | In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | ||
| CVE-2016-10242 | Hig | 0.46 | 7.0 | 0.00 | May 16, 2017 | A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel. | ||
| CVE-2015-8997 | Hig | 0.46 | 7.0 | 0.00 | May 16, 2017 | In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2015-8996 | Hig | 0.46 | 7.0 | 0.00 | May 16, 2017 | In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2014-9936 | Hig | 0.46 | 7.0 | 0.01 | May 16, 2017 | In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2017-8244 | Hig | 0.46 | 7.0 | 0.00 | May 12, 2017 | In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow… | ||
| CVE-2017-0623 | Hig | 0.46 | 7.0 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2017-0622 | Hig | 0.46 | 7.0 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:… | ||
| CVE-2017-0621 | Hig | 0.46 | 7.0 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2017-0620 | Hig | 0.46 | 7.0 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.… | ||
| CVE-2017-0619 | Hig | 0.46 | 7.0 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:… | ||
| CVE-2017-0618 | Hig | 0.46 | 7.0 | 0.00 | May 12, 2017 | An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:… | ||
| CVE-2017-0617 | Hig | 0.46 | 7.0 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.… |
- risk 0.46cvss 7.0epss 0.00
In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.
- risk 0.46cvss 7.0epss 0.00
In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.
- risk 0.46cvss 7.0epss 0.00
In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver.
- risk 0.46cvss 7.1epss 0.01
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
- risk 0.46cvss 7.0epss 0.00
In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs.
- risk 0.46cvss 7.0epss 0.00
In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display.
- risk 0.46cvss 7.0epss 0.00
In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist.
- risk 0.46cvss 7.0epss 0.00
In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist.
- risk 0.46cvss 7.0epss 0.00
A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel.
- risk 0.46cvss 7.0epss 0.00
In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.
- risk 0.46cvss 7.0epss 0.00
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.
- risk 0.46cvss 7.0epss 0.01
In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.
- risk 0.46cvss 7.0epss 0.00
In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…
- risk 0.46cvss 7.0epss 0.00
An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…
- risk 0.46cvss 7.0epss 0.01
An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…
Page 129 of 236