A use-after-free in AnimationController::endAnimationUpdate in Google Chrome.
Max CVSS
9.8
EPSS Score
0.10%
Published
2017-04-11
Updated
2017-04-17
SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
Max CVSS
7.5
EPSS Score
0.10%
Published
2017-04-13
Updated
2020-06-23
Google Chrome caches TLS sessions before certificate validation occurs.
Max CVSS
6.5
EPSS Score
0.07%
Published
2017-04-13
Updated
2017-04-20
WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame.
Max CVSS
7.5
EPSS Score
5.89%
Published
2017-09-26
Updated
2018-10-09
cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths.
Max CVSS
7.5
EPSS Score
0.42%
Published
2017-10-18
Updated
2017-11-07
b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash).
Max CVSS
7.5
EPSS Score
0.31%
Published
2017-06-08
Updated
2017-06-15
mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.
Max CVSS
10.0
EPSS Score
0.11%
Published
2017-04-13
Updated
2018-08-13
mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920.
Max CVSS
10.0
EPSS Score
0.11%
Published
2017-04-13
Updated
2018-08-13
Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000.
Max CVSS
7.0
EPSS Score
0.04%
Published
2017-07-07
Updated
2018-10-09
Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. (dot dot) in a name parameter of an MTP request.
Max CVSS
4.6
EPSS Score
0.09%
Published
2017-07-07
Updated
2018-10-09
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-08-18
Updated
2017-08-23
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.
Max CVSS
9.8
EPSS Score
1.01%
Published
2017-04-24
Updated
2019-04-23
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31676542. References: B-RB#26684.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-01-18
Updated
2017-01-20
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31746399. References: B-RB#26710.
Max CVSS
7.6
EPSS Score
0.06%
Published
2017-01-18
Updated
2017-01-20
Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-02-07
Updated
2023-01-17
The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.
Max CVSS
9.3
EPSS Score
0.08%
Published
2017-04-04
Updated
2017-07-11
In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.07%
Published
2017-06-06
Updated
2017-06-09
In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-06-06
Updated
2017-06-09
In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.
Max CVSS
9.3
EPSS Score
0.07%
Published
2017-06-06
Updated
2017-06-09
A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.
Max CVSS
9.3
EPSS Score
0.11%
Published
2017-05-16
Updated
2017-07-11
1006 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!