VYPR

Vendor CVEs

Google

All CVEs

11,416 total · sorted by risk
  • CVE-2017-9708HigDec 5, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a race condition can occur in variable "*reg_ptr" of sub function…

  • CVE-2017-9703HigDec 5, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a Camera driver can lead to a Use After Free condition.

  • CVE-2017-11049HigDec 5, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a video driver, a race condition exists which can potentially lead to a buffer overflow.

  • CVE-2017-11045HigDec 5, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a camera driver function, a race condition exists which can lead to a Use After Free condition.

  • CVE-2017-11044HigDec 5, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a KGSL driver function, a race condition exists which can lead to a Use After Free condition.

  • CVE-2017-11025HigNov 16, 2017
    risk 0.46cvss 7.0epss 0.00

    In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption can occur.

  • CVE-2017-9697HigOct 10, 2017
    risk 0.46cvss 7.0epss 0.00

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diag_dbgfs_read_table.

  • CVE-2016-5868HigSep 25, 2017
    risk 0.46cvss 7.0epss 0.01

    drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process.

  • CVE-2017-8280HigSep 21, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch.

  • CVE-2017-0785MedSep 14, 2017
    risk 0.46cvss 6.5epss 0.12

    A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698.

  • CVE-2017-0778HigSep 8, 2017
    risk 0.46cvss 7.1epss 0.00

    A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-62133227.

  • CVE-2017-9684HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition.

  • CVE-2017-8270HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.

  • CVE-2017-8267HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write.

  • CVE-2017-8266HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

  • CVE-2017-8265HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free.

  • CVE-2017-8262HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condition.

  • CVE-2015-0576HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.

  • CVE-2016-5867HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.

  • CVE-2016-5862HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel…

  • CVE-2016-5860HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.

  • CVE-2016-5859HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.

  • CVE-2016-5853HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value.

  • CVE-2017-6249HigJul 13, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product:…

  • CVE-2014-7953HigJul 7, 2017
    risk 0.46cvss 7.0epss 0.00

    Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script…

  • CVE-2017-6248HigJul 6, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product:…

  • CVE-2017-0649HigJun 14, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of…

  • CVE-2017-0636HigJun 14, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-7372HigJun 13, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.

  • CVE-2017-7370HigJun 13, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

  • CVE-2017-7368HigJun 13, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver.

  • CVE-2016-10339HigJun 13, 2017
    risk 0.46cvss 7.1epss 0.01

    In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.

  • CVE-2015-9022HigJun 13, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs.

  • CVE-2014-9966HigJun 13, 2017
    risk 0.46cvss 7.0epss 0.00

    In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display.

  • CVE-2016-10297HigJun 6, 2017
    risk 0.46cvss 7.0epss 0.00

    In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist.

  • CVE-2014-9941HigJun 6, 2017
    risk 0.46cvss 7.0epss 0.00

    In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist.

  • CVE-2016-10242HigMay 16, 2017
    risk 0.46cvss 7.0epss 0.00

    A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel.

  • CVE-2015-8997HigMay 16, 2017
    risk 0.46cvss 7.0epss 0.00

    In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.

  • CVE-2015-8996HigMay 16, 2017
    risk 0.46cvss 7.0epss 0.00

    In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.

  • CVE-2014-9936HigMay 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.

  • CVE-2017-8244HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.00

    In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow…

  • CVE-2017-0623HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0622HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-0621HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0620HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.…

  • CVE-2017-0619HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-0618HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.00

    An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-0617HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0616HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged…

  • CVE-2017-0615HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

Page 109 of 229