Android
by Google
CVEs (4,715)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0416 | Hig | 0.51 | 7.8 | 0.01 | Feb 8, 2017 | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are… | ||
| CVE-2017-0415 | Hig | 0.51 | 7.8 | 0.01 | Feb 8, 2017 | An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are… | ||
| CVE-2017-0410 | Hig | 0.51 | 7.8 | 0.01 | Feb 8, 2017 | An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,… | ||
| CVE-2017-0409 | Hig | 0.51 | 7.8 | 0.01 | Feb 8, 2017 | A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that… | ||
| CVE-2017-0408 | Hig | 0.51 | 7.8 | 0.01 | Feb 8, 2017 | A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses… | ||
| CVE-2017-0407 | Hig | 0.51 | 7.8 | 0.02 | Feb 8, 2017 | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of… | ||
| CVE-2017-0406 | Hig | 0.51 | 7.8 | 0.02 | Feb 8, 2017 | A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of… | ||
| CVE-2017-0405 | Hig | 0.51 | 7.8 | 0.02 | Feb 8, 2017 | A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of… | ||
| CVE-2016-6492 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call. | ||
| CVE-2017-0387 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are… | ||
| CVE-2017-0386 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which… | ||
| CVE-2017-0385 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are… | ||
| CVE-2017-0384 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to… | ||
| CVE-2017-0383 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,… | ||
| CVE-2017-0382 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an… | ||
| CVE-2017-0381 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without… | ||
| CVE-2016-8443 | Hig | 0.51 | 7.8 | 0.00 | Jan 12, 2017 | Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR#964185. | ||
| CVE-2016-8442 | Hig | 0.51 | 7.8 | 0.00 | Jan 12, 2017 | Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. QC-CR#1038173. | ||
| CVE-2016-8441 | Hig | 0.51 | 7.8 | 0.00 | Jan 12, 2017 | Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. References: QC-CR#1027769. | ||
| CVE-2016-8436 | Hig | 0.51 | 7.8 | 0.01 | Jan 12, 2017 | An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may… |
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses…
- risk 0.51cvss 7.8epss 0.02
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of…
- risk 0.51cvss 7.8epss 0.02
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of…
- risk 0.51cvss 7.8epss 0.02
A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of…
- risk 0.51cvss 7.8epss 0.01
The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call.
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities,…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an…
- risk 0.51cvss 7.8epss 0.01
An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without…
- risk 0.51cvss 7.8epss 0.00
Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR#964185.
- risk 0.51cvss 7.8epss 0.00
Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. QC-CR#1038173.
- risk 0.51cvss 7.8epss 0.00
Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. References: QC-CR#1027769.
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may…
Page 97 of 236