VYPR

Android

by Google

CVEs (4,041)

  • CVE-2017-13176HigJan 12, 2018
    risk 0.57cvss 8.8epss 0.01

    In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is…

  • CVE-2017-13151HigDec 6, 2017
    risk 0.57cvss 8.8epss 0.01

    A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.

  • CVE-2017-0878HigDec 6, 2017
    risk 0.57cvss 8.8epss 0.01

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291.

  • CVE-2017-0877HigDec 6, 2017
    risk 0.57cvss 8.8epss 0.01

    A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937.

  • CVE-2017-0876HigDec 6, 2017
    risk 0.57cvss 8.8epss 0.01

    A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675.

  • CVE-2017-0872HigDec 6, 2017
    risk 0.57cvss 8.8epss 0.01

    A remote code execution vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323.

  • CVE-2017-14496HigOct 3, 2017
    risk 0.57cvss 7.5epss 0.66

    Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

  • CVE-2017-0782HigSep 14, 2017
    risk 0.57cvss 8.8epss 0.02

    A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.

  • CVE-2017-0791HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37306719. References: B-V2017052302.

  • CVE-2017-0790HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101.

  • CVE-2017-0789HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37685267. References: B-V2017053102.

  • CVE-2017-0788HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722328. References: B-V2017053103.

  • CVE-2017-0787HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722970. References: B-V2017053104.

  • CVE-2017-0786HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37351060. References: B-V2017060101.

  • CVE-2017-0784HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958.

  • CVE-2017-6421HigAug 16, 2017
    risk 0.57cvss 8.8epss 0.01

    In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.

  • CVE-2016-5861HigAug 16, 2017
    risk 0.57cvss 8.8epss 0.00

    In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.

  • CVE-2016-2433HigApr 21, 2017
    risk 0.57cvss 8.8epss 0.01

    The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.

  • CVE-2016-2439HigMay 9, 2016
    risk 0.57cvss 8.8epss 0.01

    Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows remote attackers to execute arbitrary code via a long PIN value, aka internal bug 27411268.

  • CVE-2016-0850HigApr 18, 2016
    risk 0.57cvss 8.8epss 0.01

    The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to bypass intended pairing restrictions via a crafted device, aka internal bug 26551752.

Page 17 of 203