Total
8334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10242 | 1 Google | 1 Android | 2017-07-11 | 7.6 HIGH | 7.0 HIGH |
| A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2014-9933 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | |||||
| CVE-2014-9931 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | |||||
| CVE-2014-9922 | 2 Google, Linux | 2 Android, Linux Kernel | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | |||||
| CVE-2015-9002 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2017-0541 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018. | |||||
| CVE-2016-10239 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur. | |||||
| CVE-2015-8995 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2016-10238 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue. | |||||
| CVE-2017-0542 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33934721. | |||||
| CVE-2015-9001 | 1 Google | 1 Android | 2017-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2017-0543 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34097866. | |||||
| CVE-2015-8998 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2015-9003 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2015-8996 | 1 Google | 1 Android | 2017-07-11 | 7.6 HIGH | 7.0 HIGH |
| In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2014-9936 | 1 Google | 1 Android | 2017-07-11 | 7.6 HIGH | 7.0 HIGH |
| In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2017-0556 | 1 Google | 1 Android | 2017-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34093952. | |||||
| CVE-2014-9932 | 1 Google | 1 Android | 2017-07-11 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | |||||
| CVE-2017-0547 | 1 Google | 1 Android | 2017-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33861560. | |||||
| CVE-2017-0559 | 1 Google | 1 Android | 2017-07-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33897722. | |||||