Total
8673 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9946 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||||
| CVE-2015-3839 | 1 Google | 1 Android | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). | |||||
| CVE-2017-0664 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36491278. | |||||
| CVE-2017-8241 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length. | |||||
| CVE-2017-0475 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31914369. | |||||
| CVE-2017-8260 | 1 Google | 1 Android | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later. | |||||
| CVE-2017-0440 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33252788. References: QC-CR#1095770. | |||||
| CVE-2017-0548 | 1 Google | 1 Android | 2025-04-20 | 7.1 HIGH | 5.5 MEDIUM |
| A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33251605. | |||||
| CVE-2017-0806 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805. | |||||
| CVE-2017-9703 | 1 Google | 1 Android | 2025-04-20 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a Camera driver can lead to a Use After Free condition. | |||||
| CVE-2017-13166 | 1 Google | 1 Android | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. | |||||
| CVE-2017-0838 | 1 Google | 1 Android | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-63522818. | |||||
| CVE-2017-0864 | 1 Google | 1 Android | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability in the MediaTek ioctl (flashlight). Product: Android. Versions: Android kernel. Android ID: A-37277147. References: M-ALPS03394571. | |||||
| CVE-2017-13150 | 1 Google | 1 Android | 2025-04-20 | 8.5 HIGH | 9.1 CRITICAL |
| An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132. | |||||
| CVE-2017-0481 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33434992. | |||||
| CVE-2017-8266 | 1 Google | 1 Android | 2025-04-20 | 5.1 MEDIUM | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. | |||||
| CVE-2017-0446 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32917445. | |||||
| CVE-2017-0410 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31929765. | |||||
| CVE-2014-9935 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2017-0602 | 1 Google | 1 Android | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34946955. | |||||