VYPR

Android

by Google

CVEs (4,717)

  • CVE-2016-3757HigJul 11, 2016
    risk 0.46cvss 7.0epss 0.00

    The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafted application that attempts to list a long name of a memory-mapped file, aka…

  • CVE-2016-2462HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173.

  • CVE-2016-2461HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681.

  • CVE-2016-2456HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187.

  • CVE-2016-2453HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705.

  • CVE-2016-2446HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.

  • CVE-2016-2445HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.

  • CVE-2016-2444HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.

  • CVE-2016-2443HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525.

  • CVE-2016-2442HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907.

  • CVE-2016-2441HigMay 9, 2016
    risk 0.46cvss 7.0epss 0.00

    The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602.

  • CVE-2016-2059HigMay 5, 2016
    risk 0.46cvss 7.0epss 0.00

    The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a…

  • CVE-2016-0822HigMar 12, 2016
    risk 0.46cvss 7.0epss 0.00

    The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.

  • CVE-2026-0048MedJun 1, 2026
    risk 0.44cvss 6.8epss 0.00

    In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9405MedJan 18, 2025
    risk 0.44cvss 6.7epss 0.00

    In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-53836MedJan 3, 2025
    risk 0.44cvss 6.7epss 0.00

    In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9391MedDec 5, 2024
    risk 0.44cvss 6.7epss 0.00

    In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor ker.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System …

  • CVE-2018-9390MedDec 5, 2024
    risk 0.44cvss 6.7epss 0.00

    In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9386MedDec 5, 2024
    risk 0.44cvss 6.7epss 0.00

    In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2017-13308MedDec 5, 2024
    risk 0.44cvss 6.7epss 0.00

    In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for…

Page 137 of 236