VYPR

Android

by Google

CVEs (4,041)

  • CVE-2017-13225HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.01

    In libMtkOmxVdec.so there is a possible heap buffer overflow. This could lead to a remote elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.…

  • CVE-2017-13221HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the Upstream kernel wifi driver. Product: Android. Versions: Android kernel. Android ID: A-64709938.

  • CVE-2017-13217HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    In DisplayFtmItem in the bootloader, there is an out-of-bounds write due to reading a string without verifying that it's null-terminated. This could lead to a secure boot bypass and a local elevation of privilege enabling code execution as a privileged process with no additional…

  • CVE-2017-13215HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.

  • CVE-2017-13213HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-63374465. References: B-V2017081501.

  • CVE-2017-13212HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the Android system (systemui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187985.

  • CVE-2017-13210HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed.…

  • CVE-2017-13184HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is…

  • CVE-2017-13182HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User…

  • CVE-2017-13181HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed.…

  • CVE-2017-13180HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the memory it's accessing. This could lead to a local elevation of privilege…

  • CVE-2017-0869HigJan 12, 2018
    risk 0.51cvss 7.8epss 0.00

    NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. This issue is rated as high. Version: N/A. Android ID: A-37776156. References:…

  • CVE-2017-9705HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and…

  • CVE-2017-9689HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message can be used to cause stack memory corruption.

  • CVE-2017-14873HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the pp_pgc_get_config() graphics driver function, a kernel memory overwrite can potentially occur.

  • CVE-2017-11080HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296.

  • CVE-2017-11003HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size.

  • CVE-2017-15849HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulting in a Use After Free condition.

  • CVE-2017-11069HigJan 10, 2018
    risk 0.51cvss 7.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, manipulation of SafeSwitch Image data can result in Heap overflow.

  • CVE-2017-6276HigDec 6, 2017
    risk 0.51cvss 7.8epss 0.00

    NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android.…

Page 24 of 203