Android
by Google
CVEs (4,717)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-3757 | Hig | 0.46 | 7.0 | 0.00 | Jul 11, 2016 | The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafted application that attempts to list a long name of a memory-mapped file, aka… | ||
| CVE-2016-2462 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173. | ||
| CVE-2016-2461 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681. | ||
| CVE-2016-2456 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187. | ||
| CVE-2016-2453 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705. | ||
| CVE-2016-2446 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354. | ||
| CVE-2016-2445 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079. | ||
| CVE-2016-2444 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332. | ||
| CVE-2016-2443 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525. | ||
| CVE-2016-2442 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907. | ||
| CVE-2016-2441 | Hig | 0.46 | 7.0 | 0.00 | May 9, 2016 | The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602. | ||
| CVE-2016-2059 | Hig | 0.46 | 7.0 | 0.00 | May 5, 2016 | The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a… | ||
| CVE-2016-0822 | Hig | 0.46 | 7.0 | 0.00 | Mar 12, 2016 | The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324. | ||
| CVE-2026-0048 | Med | 0.44 | 6.8 | 0.00 | Jun 1, 2026 | In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9405 | Med | 0.44 | 6.7 | 0.00 | Jan 18, 2025 | In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-53836 | Med | 0.44 | 6.7 | 0.00 | Jan 3, 2025 | In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9391 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor ker.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System … | ||
| CVE-2018-9390 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2018-9386 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2017-13308 | Med | 0.44 | 6.7 | 0.00 | Dec 5, 2024 | In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for… |
- risk 0.46cvss 7.0epss 0.00
The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafted application that attempts to list a long name of a memory-mapped file, aka…
- risk 0.46cvss 7.0epss 0.00
OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173.
- risk 0.46cvss 7.0epss 0.00
OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681.
- risk 0.46cvss 7.0epss 0.00
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187.
- risk 0.46cvss 7.0epss 0.00
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705.
- risk 0.46cvss 7.0epss 0.00
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
- risk 0.46cvss 7.0epss 0.00
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
- risk 0.46cvss 7.0epss 0.00
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.
- risk 0.46cvss 7.0epss 0.00
The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525.
- risk 0.46cvss 7.0epss 0.00
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907.
- risk 0.46cvss 7.0epss 0.00
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602.
- risk 0.46cvss 7.0epss 0.00
The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a…
- risk 0.46cvss 7.0epss 0.00
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.
- risk 0.44cvss 6.8epss 0.00
In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor ker.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System …
- risk 0.44cvss 6.7epss 0.00
In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- risk 0.44cvss 6.7epss 0.00
In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for…
Page 137 of 236