Android
by Google
CVEs (4,041)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-9411 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection. | ||
| CVE-2016-6727 | Cri | 0.64 | 9.8 | 0.03 | Apr 17, 2017 | The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. | ||
| CVE-2016-6726 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2017 | Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. | ||
| CVE-2016-1155 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. | ||
| CVE-2014-7921 | Cri | 0.64 | 9.8 | 0.01 | Apr 13, 2017 | mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. | ||
| CVE-2014-7920 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. | ||
| CVE-2016-8418 | Cri | 0.64 | 9.8 | 0.03 | Feb 8, 2017 | A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product:… | ||
| CVE-2016-8411 | Cri | 0.64 | 9.8 | 0.01 | Jan 27, 2017 | Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775. | ||
| CVE-2016-8459 | Cri | 0.64 | 9.8 | 0.02 | Jan 12, 2017 | Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462. | ||
| CVE-2016-8440 | Cri | 0.64 | 9.8 | 0.02 | Jan 12, 2017 | Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747. | ||
| CVE-2016-8439 | Cri | 0.64 | 9.8 | 0.02 | Jan 12, 2017 | Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804. | ||
| CVE-2016-8438 | Cri | 0.64 | 9.8 | 0.02 | Jan 12, 2017 | Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638. | ||
| CVE-2016-8437 | Cri | 0.64 | 9.8 | 0.02 | Jan 12, 2017 | Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695. | ||
| CVE-2016-8398 | Cri | 0.64 | 9.8 | 0.02 | Jan 12, 2017 | Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR#877705. | ||
| CVE-2016-6725 | Cri | 0.64 | 9.8 | 0.03 | Nov 25, 2016 | A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the… | ||
| CVE-2016-6696 | Cri | 0.64 | 9.8 | 0.01 | Oct 10, 2016 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130. | ||
| CVE-2016-6695 | Cri | 0.64 | 9.8 | 0.01 | Oct 10, 2016 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR 1033540. | ||
| CVE-2016-6694 | Cri | 0.64 | 9.8 | 0.01 | Oct 10, 2016 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033525. | ||
| CVE-2016-6693 | Cri | 0.64 | 9.8 | 0.01 | Oct 10, 2016 | sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585. | ||
| CVE-2016-6692 | Cri | 0.64 | 9.8 | 0.01 | Oct 10, 2016 | drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933. |
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.
- risk 0.64cvss 9.8epss 0.03
The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.01
Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices.
- risk 0.64cvss 9.8epss 0.02
HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.
- risk 0.64cvss 9.8epss 0.01
mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920.
- risk 0.64cvss 9.8epss 0.02
mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.
- risk 0.64cvss 9.8epss 0.03
A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product:…
- risk 0.64cvss 9.8epss 0.01
Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.
- risk 0.64cvss 9.8epss 0.02
Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462.
- risk 0.64cvss 9.8epss 0.02
Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747.
- risk 0.64cvss 9.8epss 0.02
Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804.
- risk 0.64cvss 9.8epss 0.02
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638.
- risk 0.64cvss 9.8epss 0.02
Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695.
- risk 0.64cvss 9.8epss 0.02
Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR#877705.
- risk 0.64cvss 9.8epss 0.03
A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the…
- risk 0.64cvss 9.8epss 0.01
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130.
- risk 0.64cvss 9.8epss 0.01
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR 1033540.
- risk 0.64cvss 9.8epss 0.01
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033525.
- risk 0.64cvss 9.8epss 0.01
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585.
- risk 0.64cvss 9.8epss 0.01
drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933.
Page 13 of 203