VYPR

Android

by Google

CVEs (4,041)

  • CVE-2016-10393CriMar 15, 2018
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. The following buffer…

  • CVE-2017-13229CriFeb 12, 2018
    risk 0.64cvss 9.8epss 0.02

    A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703.

  • CVE-2017-13208CriJan 12, 2018
    risk 0.64cvss 9.8epss 0.09

    In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed…

  • CVE-2017-13179CriJan 12, 2018
    risk 0.64cvss 9.8epss 0.02

    In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_handle point to the same memory and ps_codec_obj could be freed without clearing…

  • CVE-2017-13178CriJan 12, 2018
    risk 0.64cvss 9.8epss 0.02

    In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction…

  • CVE-2017-13177CriJan 12, 2018
    risk 0.64cvss 9.8epss 0.02

    In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1,…

  • CVE-2017-13160CriDec 6, 2017
    risk 0.64cvss 9.8epss 0.02

    A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.

  • CVE-2017-6211CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can occur.

  • CVE-2017-14918CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the GPS location wireless interface, a Use After Free condition can occur.

  • CVE-2017-14917CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.

  • CVE-2017-14916CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.

  • CVE-2017-14914CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.

  • CVE-2017-14909CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated.

  • CVE-2017-14908CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to verify.

  • CVE-2017-11006CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during positioning.

  • CVE-2017-11005CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during a deinitialization path.

  • CVE-2017-9709CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a privilege escalation vulnerability exists in telephony.

  • CVE-2017-15813CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overflow can occur while reading firmware logs.

  • CVE-2017-14907CriDec 5, 2017
    risk 0.64cvss 9.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key.

  • CVE-2017-0847CriNov 16, 2017
    risk 0.64cvss 9.8epss 0.00

    An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product: Android. Versions: 8.0. Android ID: A-65540999.

Page 8 of 203