VYPR

Android

by Google

CVEs (4,715)

  • CVE-2017-9714HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNIE is received from the client in assoc request.

  • CVE-2017-9706HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver.

  • CVE-2017-9687HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in…

  • CVE-2017-9686HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used.

  • CVE-2017-9683HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image offset and size values are too large.

  • CVE-2017-11067HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the Athdiag procfs entry does not have a proper address sanity check which may potentially lead to the use of an out-of-range pointer offset.

  • CVE-2017-11059HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow.

  • CVE-2017-11057HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in compatibility mode, flash_data from 64-bit userspace may cause disclosure of kernel memory or a fault due to using a userspace-provided address.

  • CVE-2017-11050HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when the pktlogconf tool gives a pktlog buffer of size less than the minimal possible source data size in the host driver, a buffer overflow can potentially occur.

  • CVE-2017-11048HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a display driver function, a Use After Free condition can occur.

  • CVE-2017-11046HigOct 10, 2017
    risk 0.51cvss 7.8epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentially occur.

  • CVE-2017-0827HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-ALPS03353867, M-ALPS03353872.

  • CVE-2017-0826HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-34949781.

  • CVE-2017-0812HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Android media framework (audio hal). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231.

  • CVE-2017-0811HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177.

  • CVE-2017-0810HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066.

  • CVE-2017-0809HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128.

  • CVE-2017-0806HigOct 4, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805.

  • CVE-2015-1537HigSep 28, 2017
    risk 0.51cvss 7.8epss 0.02

    Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application.

  • CVE-2017-9725HigSep 21, 2017
    risk 0.51cvss 7.8epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.

Page 83 of 236