Android
by Google
CVEs (4,041)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-3666 | 0.00 | — | 0.00 | May 29, 2013 | The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) to establish a USB connection, dialing 3845#*973#, modifying the WLAN Test Wi-Fi… | |||
| CVE-2011-1352 | 0.00 | — | 0.00 | Feb 5, 2013 | The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device. | |||
| CVE-2012-4222 | 0.00 | — | 0.01 | Nov 30, 2012 | drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference) via an application that uses crafted arguments in a local kgsl_ioctl call. | |||
| CVE-2012-4221 | 0.00 | — | 0.02 | Nov 30, 2012 | Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local… | |||
| CVE-2012-4220 | 0.00 | — | 0.03 | Nov 30, 2012 | diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via an application that uses crafted arguments… | |||
| CVE-2012-3979 | 0.00 | — | 0.02 | Aug 29, 2012 | Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function. | |||
| CVE-2011-4276 | 0.00 | — | 0.01 | Jan 25, 2012 | The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) in Android 2.3 before 2.3.6 allows remote attackers within Bluetooth range to obtain contact data via an AT phonebook transfer. | |||
| CVE-2011-3881 | 0.00 | — | 0.02 | Oct 25, 2011 | WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the… | |||
| CVE-2011-3975 | 0.00 | — | 0.01 | Oct 3, 2011 | A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers… | |||
| CVE-2008-7298 | 0.00 | — | 0.01 | Aug 9, 2011 | The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict… | |||
| CVE-2011-2344 | 0.00 | — | 0.01 | Jul 8, 2011 | Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote attackers to gain privileges and access private pictures and web albums by sniffing the token from connections with… | |||
| CVE-2011-1149 | 0.00 | — | 0.00 | Apr 21, 2011 | Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and… | |||
| CVE-2011-0680 | 0.00 | — | 0.02 | Jan 31, 2011 | data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging… | |||
| CVE-2009-3698 | 0.00 | — | 0.01 | Oct 14, 2009 | An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. | |||
| CVE-2009-2999 | 0.00 | — | 0.01 | Oct 14, 2009 | The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly… | |||
| CVE-2009-2656 | 0.00 | — | 0.01 | Aug 3, 2009 | Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009. | |||
| CVE-2009-2348 | 0.00 | — | 0.00 | Jul 17, 2009 | Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a… | |||
| CVE-2009-1754 | 0.00 | — | 0.01 | May 26, 2009 | The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote… | |||
| CVE-2009-0608 | 0.00 | — | 0.00 | Feb 17, 2009 | Integer overflow in the showLog function in fake_log_device.c in liblog in Open Handset Alliance Android 1.0 allows attackers to trigger a buffer overflow and possibly have unspecified other impact by sending a large number of input lines. | |||
| CVE-2009-0607 | 0.00 | — | 0.00 | Feb 17, 2009 | Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions. |
- CVE-2013-3666May 29, 2013risk 0.00cvss —epss 0.00
The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) to establish a USB connection, dialing 3845#*973#, modifying the WLAN Test Wi-Fi…
- CVE-2011-1352Feb 5, 2013risk 0.00cvss —epss 0.00
The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device.
- CVE-2012-4222Nov 30, 2012risk 0.00cvss —epss 0.01
drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference) via an application that uses crafted arguments in a local kgsl_ioctl call.
- CVE-2012-4221Nov 30, 2012risk 0.00cvss —epss 0.02
Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local…
- CVE-2012-4220Nov 30, 2012risk 0.00cvss —epss 0.03
diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via an application that uses crafted arguments…
- CVE-2012-3979Aug 29, 2012risk 0.00cvss —epss 0.02
Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.
- CVE-2011-4276Jan 25, 2012risk 0.00cvss —epss 0.01
The Bluetooth service (com/android/phone/BluetoothHeadsetService.java) in Android 2.3 before 2.3.6 allows remote attackers within Bluetooth range to obtain contact data via an AT phonebook transfer.
- CVE-2011-3881Oct 25, 2011risk 0.00cvss —epss 0.02
WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the…
- CVE-2011-3975Oct 3, 2011risk 0.00cvss —epss 0.01
A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers…
- CVE-2008-7298Aug 9, 2011risk 0.00cvss —epss 0.01
The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict…
- CVE-2011-2344Jul 8, 2011risk 0.00cvss —epss 0.01
Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote attackers to gain privileges and access private pictures and web albums by sniffing the token from connections with…
- CVE-2011-1149Apr 21, 2011risk 0.00cvss —epss 0.00
Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and…
- CVE-2011-0680Jan 31, 2011risk 0.00cvss —epss 0.02
data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging…
- CVE-2009-3698Oct 14, 2009risk 0.00cvss —epss 0.01
An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.
- CVE-2009-2999Oct 14, 2009risk 0.00cvss —epss 0.01
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly…
- CVE-2009-2656Aug 3, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.
- CVE-2009-2348Jul 17, 2009risk 0.00cvss —epss 0.00
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a…
- CVE-2009-1754May 26, 2009risk 0.00cvss —epss 0.01
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote…
- CVE-2009-0608Feb 17, 2009risk 0.00cvss —epss 0.00
Integer overflow in the showLog function in fake_log_device.c in liblog in Open Handset Alliance Android 1.0 allows attackers to trigger a buffer overflow and possibly have unspecified other impact by sending a large number of input lines.
- CVE-2009-0607Feb 17, 2009risk 0.00cvss —epss 0.00
Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions.
Page 202 of 203