CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android » : Security Vulnerabilities

Cpe Name:cpe:/o:google:android
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-8242 362 2017-06-13 2017-06-16
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, a race condition exists in a QTEE driver potentially leading to an arbitrary memory write.
2 CVE-2017-8241 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.
3 CVE-2017-8240 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.
4 CVE-2017-8239 200 +Info 2017-06-13 2017-06-20
4.3
None Remote Medium Not required Partial None None
In all Android releases from CAF using the Linux kernel, userspace-controlled parameters for flash initialization are not sanitized potentially leading to exposure of kernel memory.
5 CVE-2017-8238 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.
6 CVE-2017-8237 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image.
7 CVE-2017-8236 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver.
8 CVE-2017-8235 254 2017-06-13 2017-06-20
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, a memory structure in a camera driver is not properly protected.
9 CVE-2017-8234 284 2017-06-13 2017-06-20
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function.
10 CVE-2017-8233 787 2017-06-13 2017-06-20
9.3
None Remote Medium Not required Complete Complete Complete
In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write.
11 CVE-2017-7373 415 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.
12 CVE-2017-7372 119 Overflow 2017-06-13 2017-06-16
7.6
None Remote High Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.
13 CVE-2017-7371 416 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a data pointer is potentially used after it has been freed when SLIMbus is turned off by Bluetooth.
14 CVE-2017-7370 416 2017-06-13 2017-06-19
7.6
None Remote High Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.
15 CVE-2017-7369 20 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption.
16 CVE-2017-7368 362 2017-06-13 2017-06-19
7.6
None Remote High Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver.
17 CVE-2017-7367 191 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.
18 CVE-2017-7366 20 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, a KGSL ioctl was not validating all of its parameters.
19 CVE-2017-7365 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated.
20 CVE-2016-10342 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
21 CVE-2016-10341 264 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended.
22 CVE-2016-10340 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
23 CVE-2016-10339 200 +Info 2017-06-13 2017-06-19
5.8
None Remote Medium Not required Partial Partial None
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
24 CVE-2016-10338 20 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing.
25 CVE-2016-10337 20 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.
26 CVE-2016-10336 254 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot.
27 CVE-2016-10335 284 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, libtomcrypt was updated.
28 CVE-2016-10334 284 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten.
29 CVE-2016-10333 284 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS.
30 CVE-2016-10332 254 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications.
31 CVE-2016-10239 190 Overflow Bypass 2017-05-16 2017-05-23
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur.
32 CVE-2016-1948 310 2016-01-31 2016-11-30
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream.
33 CVE-2016-1943 17 2016-01-31 2016-11-30
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
34 CVE-2016-1940 17 2016-01-31 2016-11-30
5.0
None Remote Low Not required None Partial None
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.
35 CVE-2015-9033 20 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer.
36 CVE-2015-9032 200 +Info 2017-06-13 2017-06-19
4.3
None Remote Medium Not required Partial None None
In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications.
37 CVE-2015-9031 200 +Info 2017-06-13 2017-06-19
4.3
None Remote Medium Not required Partial None None
In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP.
38 CVE-2015-9030 306 Bypass 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.
39 CVE-2015-9029 284 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory.
40 CVE-2015-9028 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine.
41 CVE-2015-9027 476 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.
42 CVE-2015-9026 476 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.
43 CVE-2015-9025 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application.
44 CVE-2015-9024 284 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None Partial None
In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications.
45 CVE-2015-9023 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
46 CVE-2015-9022 362 2017-06-13 2017-06-19
7.6
None Remote High Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs.
47 CVE-2015-9021 284 2017-06-13 2017-06-19
4.3
None Remote Medium Not required None None Partial
In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled.
48 CVE-2015-9020 476 2017-06-13 2017-06-19
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory.
49 CVE-2015-9003 310 2017-05-16 2017-05-23
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
50 CVE-2015-9002 189 2017-05-16 2017-05-23
9.3
None Remote Medium Not required Complete Complete Complete
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
Total number of vulnerabilities : 101   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.