CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 7 and 7.99)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-15482 284 2018-08-17 2018-10-29
7.5
 None Remote Low Not required Partial Partial Partial
Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. The LG ID is LVE-SMP-180006.
2 CVE-2018-14982 284 2018-08-17 2018-10-29
7.5
 None Remote Low Not required Partial Partial Partial
Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. The LG ID is LVE-SMP-180004.
3 CVE-2018-14981 284 2018-08-17 2018-10-31
7.5
 None Remote Low Not required Partial Partial Partial
Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. The LG ID is LVE-SMP-180005.
4 CVE-2018-14066 89 Sql 2018-07-15 2018-09-21
7.5
 None Remote Low Not required Partial Partial Partial
The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affects Infinix X571 phones, as well as various Lenovo phones (such as the A7020) that have since been fixed by Lenovo.
5 CVE-2018-11995 119 Overflow 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image.
6 CVE-2018-11965 284 2018-12-20 2019-01-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Anyone can execute proptrigger.sh which will lead to change in properties.
7 CVE-2018-11964 264 2018-12-20 2019-01-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.
8 CVE-2018-11963 125 2018-12-20 2019-01-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver.
9 CVE-2018-11961 119 Overflow 2018-12-20 2019-01-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations.
10 CVE-2018-11960 416 2018-12-20 2019-01-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition can occur in the SPS driver which can lead to error in kernel.
11 CVE-2018-11956 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue.
12 CVE-2018-11914 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /systemrw/ which presents a potential security.
13 CVE-2018-11913 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of dev nodes may lead to potential security issue.
14 CVE-2018-11912 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of daemons may lead to unprivileged access.
15 CVE-2018-11911 264 2018-11-27 2018-12-20
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of script may lead to unprivileged access.
16 CVE-2018-11910 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /persist/ which presents a potential issue.
17 CVE-2018-11909 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /cache/ which presents a potential issue.
18 CVE-2018-11908 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /data/ which presents a potential issue.
19 CVE-2018-11907 264 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue.
20 CVE-2018-11906 284 2018-11-27 2018-12-21
7.2
 None Local Low Not required Complete Complete Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a security concern with default privileged access to ADB and debug-fs.
21 CVE-2018-11904 476 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.
22 CVE-2018-11903 787 2018-09-19 2018-11-08
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST.
23 CVE-2018-11902 129 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to OOB access in WLAN HOST.
24 CVE-2018-11898 125 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing start bss request from upper layer, out of bounds read occurs if ssid length is greater than maximum.
25 CVE-2018-11897 125 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing diag event after associating to a network out of bounds read occurs if ssid of the network joined is greater than max limit.
26 CVE-2018-11895 119 Overflow 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check Validation in WLAN function can lead to driver writes the default rsn capabilities to the memory not allocated to the frame.
27 CVE-2018-11894 190 Overflow 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW.
28 CVE-2018-11889 119 Overflow 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free.
29 CVE-2018-11886 190 Overflow 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function.
30 CVE-2018-11883 129 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in policy mgr unit test if mode parameter in wlan function is given an out of bound value it can cause an out of bound access while accessing the PCL table.
31 CVE-2018-11878 119 Overflow 2018-09-19 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possibility of invalid memory access while processing driver command in WLAN function.
32 CVE-2018-11869 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler.
33 CVE-2018-11868 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler.
34 CVE-2018-11863 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy.
35 CVE-2018-11860 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a potential buffer over flow could occur while processing the ndp event due to lack of check on the message length.
36 CVE-2018-11852 787 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write.
37 CVE-2018-11851 787 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack.
38 CVE-2018-11843 416 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack fo check on return value in WMA response handler can lead to potential use after free.
39 CVE-2018-11842 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated.
40 CVE-2018-11840 415 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice.
41 CVE-2018-11836 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check can lead to out-of-bounds access in WLAN function.
42 CVE-2018-11827 129 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write.
43 CVE-2018-11826 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler.
44 CVE-2018-11299 129 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault.
45 CVE-2018-11297 125 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is received from FW.
46 CVE-2018-11296 787 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur.
47 CVE-2018-11295 787 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host . If the length and anqp length from this event data exceeds the max length, an OOB write would happen.
48 CVE-2018-11281 416 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after free condition will occur.
49 CVE-2018-11274 119 Overflow 2018-09-18 2018-11-09
7.2
 None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow may occur when payload size is extremely large.
50 CVE-2018-11262 787 2018-09-04 2018-10-26
7.2
 None Local Low Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.
Total number of vulnerabilities : 1026   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.