CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2018-11270 415 Mem. Corr. 2018-09-18 2018-11-09
4.6
None Local Low Not required Partial Partial Partial
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated with devm_kzalloc is automatically released by the kernel if the probe function fails with an error code. This may result in data corruption.
52 CVE-2018-11265 119 Overflow 2018-09-18 2018-11-09
4.6
None Local Low Not required Partial Partial Partial
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possible buffer overflow while incrementing the log_buf of type uint64_t in memcpy function, since the log_buf pointer can access the memory beyond the size to store the data after pointer increment.
53 CVE-2018-11263 129 2018-09-06 2018-11-14
5.8
None Local Network Low Not required Partial Partial Partial
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access the buffer to copy the radio stats received for each radio from FW. If the radio_id received from the FW is greater than or equal to maximum, an OOB write will occur. On supported Google Pixel and Nexus devices, this has been addressed in security patch level 2018-08-05.
54 CVE-2018-11262 787 2018-09-04 2018-10-26
7.2
None Local Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.
55 CVE-2018-9515 264 Mem. Corr. 2018-10-02 2018-11-20
7.2
None Local Low Not required Complete Complete Complete
In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111641492 References: N/A
56 CVE-2018-9513 415 Mem. Corr. 2018-10-02 2018-11-20
7.2
None Local Low Not required Complete Complete Complete
In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111081202 References: N/A
57 CVE-2018-9511 254 DoS 2018-10-02 2018-11-20
4.9
None Local Low Not required None None Complete
In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-111650288
58 CVE-2018-9510 200 +Info 2018-10-02 2018-11-20
6.1
None Local Network Low Not required Complete None None
In smp_proc_enc_info of smp_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111937065
59 CVE-2018-9509 200 +Info 2018-10-02 2018-11-20
6.1
None Local Network Low Not required Complete None None
In smp_proc_master_id of smp_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111937027
60 CVE-2018-9508 125 2018-10-02 2018-11-20
6.1
None Local Network Low Not required Complete None None
In smp_process_keypress_notification of smp_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-111936834
61 CVE-2018-9507 125 2018-10-02 2018-11-20
6.1
None Local Network Low Not required Complete None None
In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111893951
62 CVE-2018-9506 125 2018-10-02 2018-11-20
6.1
None Local Network Low Not required Complete None None
In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111803925
63 CVE-2018-9505 125 2018-10-02 2018-11-20
6.1
None Local Network Low Not required Complete None None
In mca_ccb_hdl_req of mca_cact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110791536
64 CVE-2018-9504 787 Exec Code 2018-10-02 2018-11-20
8.3
None Local Network Low Not required Complete Complete Complete
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110216176
65 CVE-2018-9503 125 2018-10-02 2018-11-20
7.8
None Remote Low Not required Complete None None
In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-80432928
66 CVE-2018-9502 125 2018-10-02 2018-11-20
6.1
None Local Network Low Not required Complete None None
In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111936792
67 CVE-2018-9501 264 Bypass 2018-10-02 2018-11-20
7.2
None Local Low Not required Complete Complete Complete
In the SetupWizard, there is a possible Factory Reset Protection bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110034419
68 CVE-2018-9499 200 +Info 2018-10-02 2018-11-20
4.9
None Local Low Not required Complete None None
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This could lead to local information disclosure from the DRM server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-79218474
69 CVE-2018-9498 787 Exec Code Overflow 2018-10-02 2018-11-20
9.3
None Remote Medium Not required Complete Complete Complete
In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855
70 CVE-2018-9497 787 Exec Code 2018-10-02 2018-11-20
9.3
None Remote Medium Not required Complete Complete Complete
In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-74078669
71 CVE-2018-9496 787 Exec Code 2018-10-02 2018-11-20
9.3
None Remote Medium Not required Complete Complete Complete
In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-110769924
72 CVE-2018-9493 89 Sql 2018-10-02 2018-11-21
2.1
None Local Low Not required Partial None None
In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900
73 CVE-2018-6254 125 2018-05-10 2018-06-14
2.1
None Local Low Not required Partial None None
In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. This issue is rated as moderate. Android: A-64340684. Reference: N-CVE-2018-6254.
74 CVE-2018-6246 200 +Info 2018-05-10 2018-06-14
5.0
None Remote Low Not required Partial None None
In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246.
75 CVE-2018-5907 20 Overflow 2018-07-06 2018-08-29
4.6
None Local Low Not required Partial Partial Partial
Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
76 CVE-2018-5905 119 Overflow 2018-09-19 2018-11-08
4.4
None Local Medium Not required Partial Partial Partial
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access.
77 CVE-2018-5899 416 2018-07-06 2018-08-27
4.6
None Local Low Not required Partial Partial Partial
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, whenever TDLS connection is setup, we are freeing the netbuf in ol_tx_completion_handler and after that, we are accessing it in NBUF_UPDATE_TX_PKT_COUNT causing a use after free.
78 CVE-2018-5898 190 Overflow 2018-07-06 2018-08-27
4.6
None Local Low Not required Partial Partial Partial
Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function if the user supplied data "param_length" goes beyond certain limit in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
79 CVE-2018-5897 119 Overflow 2018-07-06 2018-08-27
5.0
None Remote Low Not required Partial None None
While reading the data from buffer in dci_process_ctrl_status() there can be buffer over-read problem if the len is not checked correctly in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
80 CVE-2018-5896 125 2018-07-06 2018-08-27
6.6
None Local Low Not required Complete None Complete
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied.
81 CVE-2018-5895 125 2018-07-06 2018-08-27
2.1
None Local Low Not required Partial None None
Buffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
82 CVE-2018-5893 119 Overflow 2018-07-06 2018-08-27
4.6
None Local Low Not required Partial Partial Partial
While processing a message from firmware in htt_t2h_msg_handler_fast() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer overwrite can occur.
83 CVE-2018-5890 264 Bypass 2018-07-06 2018-08-27
4.6
None Local Low Not required Partial Partial Partial
If the fdt_totalsize is reported as 0 for the current device tree, it bypasses an error check for a valid device tree in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
84 CVE-2018-5889 119 Overflow 2018-07-06 2018-08-27
4.6
None Local Low Not required Partial Partial Partial
While processing a compressed kernel image, a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
85 CVE-2018-5888 125 2018-07-06 2018-08-27
4.6
None Local Low Not required Partial Partial Partial
While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
86 CVE-2018-5887 125 2018-07-06 2018-08-27
4.6
None Local Low Not required Partial Partial Partial
While processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
87 CVE-2018-5886 125 2018-07-06 2018-08-29
5.0
None Remote Low Not required Partial None None
A pointer in an ADSPRPC command is not properly validated in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), which can lead to kernel memory being accessed.
88 CVE-2018-5873 416 2018-07-06 2018-08-29
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.
89 CVE-2018-5872 119 Overflow 2018-07-06 2018-08-27
8.3
None Local Network Low Not required Complete Complete Complete
While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur.
90 CVE-2018-5865 191 2018-07-06 2018-08-27
2.1
None Local Low Not required Partial None None
While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur.
91 CVE-2018-5864 119 Overflow +Info 2018-07-06 2018-08-27
2.1
None Local Low Not required Partial None None
While processing a WMI_APFIND event in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read and information leak can potentially occur.
92 CVE-2018-5863 119 Overflow 2018-06-15 2018-08-06
4.6
None Local Low Not required Partial Partial Partial
If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
93 CVE-2018-5862 119 Overflow 2018-07-06 2018-09-04
4.6
None Local Low Not required Partial Partial Partial
In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, when SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES are parsed, a buffer overwrite can potentially occur.
94 CVE-2018-5860 824 2018-06-15 2018-08-06
4.9
None Local Low Not required None None Complete
In the MDSS driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly.
95 CVE-2018-5859 416 2018-07-06 2018-08-27
4.4
None Local Medium Not required Partial Partial Partial
Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur.
96 CVE-2018-5858 119 Overflow 2018-07-06 2018-08-29
4.6
None Local Low Not required Partial Partial Partial
In the audio debugfs in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, out of bounds access can occur.
97 CVE-2018-5857 416 2018-06-15 2018-08-06
4.6
None Local Low Not required Partial Partial Partial
In the WCD CPE codec, a Use After Free condition can occur in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
98 CVE-2018-5855 119 Overflow 2018-07-06 2018-08-29
10.0
None Remote Low Not required Complete Complete Complete
While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur.
99 CVE-2018-5854 119 Overflow 2018-06-15 2018-08-06
4.6
None Local Low Not required Partial Partial Partial
A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
100 CVE-2018-5853 416 2018-07-06 2018-08-29
4.4
None Local Medium Not required Partial Partial Partial
A race condition exists in a driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-05-05 potentially leading to a use-after-free condition.
Total number of vulnerabilities : 2004   Page : 1 2 (This Page)3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.