Vendor CVEs
All CVEs
11,416 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-9967 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | ||
| CVE-2014-9965 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call. | ||
| CVE-2014-9964 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. | ||
| CVE-2014-9963 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM. | ||
| CVE-2014-9962 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command. | ||
| CVE-2014-9961 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection. | ||
| CVE-2014-9960 | Hig | 0.51 | 7.8 | 0.01 | Jun 13, 2017 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. | ||
| CVE-2015-9007 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. | ||
| CVE-2015-9006 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. | ||
| CVE-2015-9005 | Hig | 0.51 | 7.8 | 0.01 | Jun 6, 2017 | In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | ||
| CVE-2014-9952 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist. | ||
| CVE-2014-9950 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | ||
| CVE-2014-9949 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. | ||
| CVE-2014-9948 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist. | ||
| CVE-2014-9946 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||
| CVE-2014-9945 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | ||
| CVE-2014-9944 | Hig | 0.51 | 7.8 | 0.01 | Jun 6, 2017 | In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | ||
| CVE-2014-9943 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist. | ||
| CVE-2014-9942 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. | ||
| CVE-2014-9930 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||
| CVE-2014-9929 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | ||
| CVE-2014-9928 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||
| CVE-2014-9927 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||
| CVE-2014-9926 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||
| CVE-2014-9925 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||
| CVE-2014-9924 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | ||
| CVE-2014-9923 | Hig | 0.51 | 7.8 | 0.00 | Jun 6, 2017 | In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||
| CVE-2016-10239 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability… | ||
| CVE-2016-10238 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue. | ||
| CVE-2016-10237 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory. | ||
| CVE-2015-9003 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel. | ||
| CVE-2015-9002 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2015-9000 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2015-8999 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file. | ||
| CVE-2015-8998 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | ||
| CVE-2015-8995 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | ||
| CVE-2014-9937 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2014-9935 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | ||
| CVE-2014-9934 | Hig | 0.51 | 7.8 | 0.00 | May 16, 2017 | A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | ||
| CVE-2014-9933 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | ||
| CVE-2014-9932 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | ||
| CVE-2014-9931 | Hig | 0.51 | 7.8 | 0.01 | May 16, 2017 | A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | ||
| CVE-2017-8246 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2017 | In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that… | ||
| CVE-2017-8245 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2017 | In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs. | ||
| CVE-2017-0604 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which… | ||
| CVE-2017-0597 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are… | ||
| CVE-2017-0596 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated… | ||
| CVE-2017-0595 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated… | ||
| CVE-2017-0594 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2017 | An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to… | ||
| CVE-2017-0593 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2017 | An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other… |
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection.
- risk 0.51cvss 7.8epss 0.01
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
- risk 0.51cvss 7.8epss 0.00
In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.01
In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.01
In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.00
In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur.
- risk 0.51cvss 7.8epss 0.00
In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
- risk 0.51cvss 7.8epss 0.01
In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability…
- risk 0.51cvss 7.8epss 0.01
In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue.
- risk 0.51cvss 7.8epss 0.01
If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory.
- risk 0.51cvss 7.8epss 0.01
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.01
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.01
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.01
In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.
- risk 0.51cvss 7.8epss 0.01
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.01
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.01
In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.01
In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
- risk 0.51cvss 7.8epss 0.00
A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding.
- risk 0.51cvss 7.8epss 0.01
Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access.
- risk 0.51cvss 7.8epss 0.01
In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation.
- risk 0.51cvss 7.8epss 0.01
A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.
- risk 0.51cvss 7.8epss 0.00
In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that…
- risk 0.51cvss 7.8epss 0.00
In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to…
- risk 0.51cvss 7.8epss 0.00
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other…
Page 87 of 229