VYPR

Vendor CVEs

Google

All CVEs

11,367 total · sorted by risk
  • CVE-2017-0548MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 7.0, 7.1.1. Android…

  • CVE-2017-0547MedApr 7, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application…

  • CVE-2016-5349MedApr 6, 2017
    risk 0.36cvss 5.5epss 0.01

    The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client.…

  • CVE-2017-0529MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2017-0499MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    A denial of service vulnerability in Audioserver could enable a local malicious application to cause a device hang or reboot. This issue is rated as Low due to the possibility of a temporary denial of service. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android…

  • CVE-2017-0498MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    A denial of service vulnerability in Setup Wizard could allow a local attacker to require Google account sign-in after a factory reset. This issue is rated as Moderate because it may require a factory reset to repair the device. Product: Android. Versions: 5.1.1, 6.0, 6.0.1,…

  • CVE-2017-0496MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    A denial of service vulnerability in Setup Wizard could allow a local malicious application to temporarily block access to an affected device. This issue is rated as Moderate because it may require a factory reset to repair the device. Product: Android. Versions: 5.0.2, 5.1.1,…

  • CVE-2017-0495MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:…

  • CVE-2017-0494MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product:…

  • CVE-2017-0492MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either…

  • CVE-2017-0491MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. This issue is rated as Moderate because it is a local bypass of user interaction…

  • CVE-2017-0490MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission.…

  • CVE-2017-0489MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.00

    An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. This issue is rated as Moderate because it could be used to generate inaccurate data. Product: Android. Versions:…

  • CVE-2017-0488MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…

  • CVE-2017-0487MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…

  • CVE-2017-0486MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…

  • CVE-2017-0485MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…

  • CVE-2017-0484MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…

  • CVE-2017-0483MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0,…

  • CVE-2017-0482MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0,…

  • CVE-2017-0336MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2017-0334MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2016-8483MedMar 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission.…

  • CVE-2017-5025MedFeb 17, 2017
    risk 0.36cvss 5.5epss 0.01

    FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

  • CVE-2017-5024MedFeb 17, 2017
    risk 0.36cvss 5.5epss 0.01

    FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

  • CVE-2017-0448MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product:…

  • CVE-2017-0426MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the Filesystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:…

  • CVE-2017-0425MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:…

  • CVE-2017-0424MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it is a general bypass for a user level defense in depth or exploit…

  • CVE-2017-0421MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that…

  • CVE-2017-0420MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the…

  • CVE-2017-0414MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the…

  • CVE-2017-0413MedFeb 8, 2017
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the…

  • CVE-2017-0398MedJan 13, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:…

  • CVE-2016-8467MedJan 13, 2017
    risk 0.36cvss 5.5epss 0.00

    An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring…

  • CVE-2017-0402MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive…

  • CVE-2017-0401MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used…

  • CVE-2017-0400MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive…

  • CVE-2017-0399MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used…

  • CVE-2017-0397MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without…

  • CVE-2017-0396MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in visualizer/EffectVisualizer.cpp in libeffects in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data…

  • CVE-2017-0395MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally…

  • CVE-2017-0393MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2,…

  • CVE-2017-0392MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in VBRISeeker.cpp in libstagefright in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android.…

  • CVE-2017-0391MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in decoder/ihevcd_decode.c in libhevc in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product:…

  • CVE-2017-0390MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in Tremolo/dpen.s in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4,…

  • CVE-2017-0388MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections…

  • CVE-2016-8463MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions:…

  • CVE-2016-8462MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: N/A. Android ID: A-32510383.

  • CVE-2016-8461MedJan 12, 2017
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: Kernel-3.18. Android ID: A-32369621.

Page 151 of 228