Total
8334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-6628 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | N/A |
| Media Framework in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24074485. | |||||
| CVE-2015-6626 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | N/A |
| libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24310423. | |||||
| CVE-2015-6627 | 1 Google | 1 Android | 2019-02-12 | 2.6 LOW | N/A |
| The Audio component in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information via a crafted audio file, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24211743. | |||||
| CVE-2015-6622 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | N/A |
| The Native Frameworks Library in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23905002. | |||||
| CVE-2015-6620 | 1 Google | 1 Android | 2019-02-12 | 9.3 HIGH | N/A |
| libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bugs 24123723 and 24445127. | |||||
| CVE-2015-6619 | 1 Google | 1 Android | 2019-02-12 | 9.3 HIGH | N/A |
| The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, aka internal bug 23520714. | |||||
| CVE-2015-6617 | 1 Google | 1 Android | 2019-02-12 | 9.3 HIGH | N/A |
| Skia, as used in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23648740. | |||||
| CVE-2015-6616 | 1 Google | 1 Android | 2019-02-12 | 9.3 HIGH | N/A |
| mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 24630158 and 23882800, a different vulnerability than CVE-2015-8505, CVE-2015-8506, and CVE-2015-8507. | |||||
| CVE-2018-9584 | 1 Google | 1 Android | 2019-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-114047681. | |||||
| CVE-2015-6613 | 1 Google | 1 Android | 2019-02-12 | 5.1 MEDIUM | N/A |
| Bluetooth in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to send commands to a debugging port, and consequently gain privileges, via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24371736. | |||||
| CVE-2015-6612 | 1 Google | 1 Android | 2019-02-12 | 9.3 HIGH | N/A |
| libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges via a crafted application, aka internal bug 23540426. | |||||
| CVE-2015-6611 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | N/A |
| mediaserver in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, aka internal bugs 23905951, 23912202, 23953967, 23696300, 23600291, 23756261, 23541506, 23284974, 23542351, and 23542352, a different vulnerability than CVE-2015-8074. | |||||
| CVE-2015-6610 | 1 Google | 1 Android | 2019-02-12 | 10.0 HIGH | N/A |
| libstagefright in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka internal bug 23707088. | |||||
| CVE-2018-9585 | 1 Google | 1 Android | 2019-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-117554809. | |||||
| CVE-2015-6608 | 1 Google | 1 Android | 2019-02-12 | 10.0 HIGH | N/A |
| mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 19779574, 23680780, 23876444, and 23658148, a different vulnerability than CVE-2015-8072 and CVE-2015-8073. | |||||
| CVE-2018-9586 | 1 Google | 1 Android | 2019-02-12 | 4.4 MEDIUM | 7.0 HIGH |
| In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, it is possible that package verification is turned off and remains off due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116754444. | |||||
| CVE-2018-9588 | 1 Google | 1 Android | 2019-02-12 | 3.3 LOW | 6.5 MEDIUM |
| In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-111450156. | |||||
| CVE-2018-9592 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| In mca_ccb_hdl_rsp of mca_cact.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116319076. | |||||
| CVE-2018-9591 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| In bta_hh_ctrl_dat_act of bta_hh_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116108738. | |||||
| CVE-2018-9590 | 1 Google | 1 Android | 2019-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| In add_attr of sdp_discovery.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-115900043. | |||||