VYPR

Vendor CVEs

Google

All CVEs

11,416 total · sorted by risk
  • CVE-2015-9132HigApr 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling…

  • CVE-2015-9131HigApr 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, lack of input validation in qsee can lead to unauthorized memory access.

  • CVE-2015-9119HigApr 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD…

  • CVE-2014-9986HigApr 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810,…

  • CVE-2014-10063HigApr 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625 and SD 800, a fuse is not correctly blown on a secure device.

  • CVE-2017-18143HigApr 11, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled.

  • CVE-2017-18128HigApr 11, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecting error correction registers may potentially lead to exposure of related secured data.

  • CVE-2017-18126HigApr 11, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD…

  • CVE-2017-18125HigApr 11, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, when secure camera is activated it stores captured data in protected buffers. The TEE application which…

  • CVE-2017-18072HigApr 11, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427,…

  • CVE-2016-8486HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823691.

  • CVE-2016-8485HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823681.

  • CVE-2016-10235HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409.

  • CVE-2017-13264HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A other vulnerability in the Android media framework (Avcdec). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70294343.

  • CVE-2017-13259HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2017-13254HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A other vulnerability in the Android media framework (AACExtractor). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70239507.

  • CVE-2017-13302HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-69969749.

  • CVE-2017-13301HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-66498711.

  • CVE-2017-13300HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 6.0, 6.0.1. Android ID: A-71567394.

  • CVE-2017-13299HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A other vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70897394.

  • CVE-2017-13291HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible NULL pointer dereference due to missing bounds checks. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2017-13280HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    In the FrameSequence_gif::FrameSequence_gif function of libframesequence, there is a out of bounds read due to a missing bounds check. This could lead to a remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2017-15859HigMar 30, 2018
    risk 0.49cvss 7.5epss 0.01

    While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-11 a buffer overrun occurs.

  • CVE-2017-14875HigMar 30, 2018
    risk 0.49cvss 7.5epss 0.01

    In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.

  • CVE-2017-11087HigMar 30, 2018
    risk 0.49cvss 7.5epss 0.01

    libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver.

  • CVE-2017-18060HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for resp_event->vdev_id in wma_unified_bcntx_status_event_handler(), which is received from firmware, leads to potential out of bounds memory…

  • CVE-2017-18059HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_scan_event_callback(), which is received from firmware, leads to potential out of bounds memory read.

  • CVE-2017-18058HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wow_buf_pkt_len in wma_wow_wakeup_host_event() which is received from firmware leads to potential out of bounds memory read.

  • CVE-2017-18057HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_nlo_scan_cmp_evt_handler(), which is received from firmware, leads to potential out of bounds memory read.

  • CVE-2017-18053HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for fix_param->vdev_id in wma_p2p_lo_event_handler(), which is received from firmware, leads to potential out of bounds memory read.

  • CVE-2017-18052HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for cmpl_params->num_reports, param_buf->desc_ids and param_buf->status in wma_mgmt_tx_bundle_completion_handler(), which is received from…

  • CVE-2017-18051HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for event->vdev_id in wma_rcpi_event_handler(), which is received from firmware, leads to potential out of bounds memory read.

  • CVE-2017-18069HigMar 15, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper message length calculation in oem_cmd_handler() while processing a WLAN_NL_MSG_OEM netlink message leads to buffer overread.

  • CVE-2017-14882HigMar 15, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing VENDOR specific action frame in the function lim_process_action_vendor_specific(), a comparison is performed with the incoming action frame body…

  • CVE-2017-14878HigMar 15, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a length variable which is used to copy data has a size of only 8 bits and can be exceeded resulting in a denial of service.

  • CVE-2017-13246HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469.

  • CVE-2017-13243HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991.

  • CVE-2017-13242HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248.

  • CVE-2017-13241HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651.

  • CVE-2017-13240HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819.

  • CVE-2017-13239HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.00

    A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132.

  • CVE-2017-13232HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2017-13222HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-38159576.

  • CVE-2017-13219HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A denial of service vulnerability in the Upstream kernel synaptics touchscreen controller. Product: Android. Versions: Android kernel. Android ID: A-62800865.

  • CVE-2017-13214HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.02

    In the hardware HEVC decoder, some media files could cause a page fault. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:…

  • CVE-2017-13211HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.02

    In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User…

  • CVE-2017-13207HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37564426.

  • CVE-2017-13206HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in the Android media framework (aacdec). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65025048.

  • CVE-2017-13202HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67647856.

  • CVE-2017-13201HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.01

    An information disclosure vulnerability in the Android media framework (mediadrm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63982768.

Page 102 of 229