VYPR

Android

by Google

CVEs (4,715)

  • CVE-2014-9937HigMay 16, 2017
    risk 0.51cvss 7.8epss 0.01

    In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

  • CVE-2014-9935HigMay 16, 2017
    risk 0.51cvss 7.8epss 0.01

    In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

  • CVE-2014-9934HigMay 16, 2017
    risk 0.51cvss 7.8epss 0.00

    A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding.

  • CVE-2014-9933HigMay 16, 2017
    risk 0.51cvss 7.8epss 0.01

    Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access.

  • CVE-2014-9932HigMay 16, 2017
    risk 0.51cvss 7.8epss 0.01

    In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation.

  • CVE-2014-9931HigMay 16, 2017
    risk 0.51cvss 7.8epss 0.01

    A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.

  • CVE-2017-8246HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.00

    In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that…

  • CVE-2017-8245HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.00

    In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

  • CVE-2017-0604HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which…

  • CVE-2017-0597HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are…

  • CVE-2017-0596HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated…

  • CVE-2017-0595HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated…

  • CVE-2017-0594HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to…

  • CVE-2017-0593HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.00

    An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other…

  • CVE-2017-0592HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote…

  • CVE-2017-0591HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0590HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0589HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0588HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code…

  • CVE-2017-0587HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

Page 93 of 236