Android
by Google
CVEs (4,041)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-6274 | Cri | 0.64 | 9.8 | 0.00 | Nov 14, 2017 | An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-34705801. References:… | ||
| CVE-2017-0829 | Cri | 0.64 | 9.8 | 0.00 | Oct 4, 2017 | An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044. | ||
| CVE-2017-0828 | Cri | 0.64 | 9.8 | 0.00 | Oct 4, 2017 | An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855. | ||
| CVE-2017-0824 | Cri | 0.64 | 9.8 | 0.00 | Oct 4, 2017 | An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001. | ||
| CVE-2017-0822 | Cri | 0.64 | 9.8 | 0.00 | Oct 4, 2017 | An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722. | ||
| CVE-2017-0807 | Cri | 0.64 | 9.8 | 0.02 | Oct 4, 2017 | An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974. | ||
| CVE-2017-7364 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this… | ||
| CVE-2016-5872 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated. | ||
| CVE-2016-5871 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file. | ||
| CVE-2016-10392 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory. | ||
| CVE-2016-10391 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity. | ||
| CVE-2016-10390 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed. | ||
| CVE-2016-10388 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application. | ||
| CVE-2016-10387 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario. | ||
| CVE-2016-10386 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP. | ||
| CVE-2016-10385 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS. | ||
| CVE-2016-10384 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl. | ||
| CVE-2016-10382 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient. | ||
| CVE-2016-10381 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. | ||
| CVE-2016-10380 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2017 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location. |
- risk 0.64cvss 9.8epss 0.00
An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-34705801. References:…
- risk 0.64cvss 9.8epss 0.00
An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044.
- risk 0.64cvss 9.8epss 0.00
An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855.
- risk 0.64cvss 9.8epss 0.00
An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001.
- risk 0.64cvss 9.8epss 0.00
An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.
- risk 0.64cvss 9.8epss 0.02
An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this…
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
- risk 0.64cvss 9.8epss 0.01
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
Page 9 of 203