| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2021-0930 |
787 |
|
Exec Code |
2021-12-15 |
2021-12-17 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-181660091 |
|
2 |
CVE-2021-0918 |
787 |
|
Exec Code |
2021-12-15 |
2021-12-17 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-197536150 |
|
3 |
CVE-2021-0507 |
787 |
|
Exec Code |
2021-06-21 |
2021-06-22 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181860042 |
|
4 |
CVE-2021-0475 |
416 |
|
Exec Code Mem. Corr. |
2021-06-11 |
2021-06-14 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In on_l2cap_data_ind of btif_sock_l2cap.cc, there is possible memory corruption due to a use after free. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-175686168 |
|
5 |
CVE-2021-0473 |
415 |
|
Exec Code |
2021-06-11 |
2021-06-14 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179687208 |
|
6 |
CVE-2020-0022 |
787 |
|
Exec Code |
2020-02-13 |
2020-05-13 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 |
|
7 |
CVE-2019-2102 |
264 |
|
|
2019-06-07 |
2019-09-12 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In the Bluetooth Low Energy (BLE) specification, there is a provided example Long Term Key (LTK). If a BLE device were to use this as a hardcoded LTK, it is theoretically possible for a proximate attacker to remotely inject keystrokes on a paired Android host due to improperly used crypto. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-128843052. |
|
8 |
CVE-2019-2009 |
787 |
|
Exec Code |
2019-06-19 |
2019-06-21 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-120665616 |
|
9 |
CVE-2018-11891 |
129 |
|
|
2018-09-19 |
2019-04-18 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function. |
|
10 |
CVE-2018-9555 |
787 |
|
|
2018-12-06 |
2019-11-13 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-112321180. |
|
11 |
CVE-2018-9504 |
787 |
|
Exec Code |
2018-10-02 |
2018-11-20 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110216176 |
|
12 |
CVE-2018-5872 |
119 |
|
Overflow |
2018-07-06 |
2018-08-27 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur. |
|
13 |
CVE-2017-15822 |
119 |
|
Overflow |
2018-04-03 |
2018-05-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing a 802.11 management frame, a buffer overflow may potentially occur. |
|
14 |
CVE-2017-13256 |
787 |
|
Exec Code |
2018-04-04 |
2018-05-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68817966. |
|
15 |
CVE-2017-13255 |
787 |
|
Exec Code |
2018-04-04 |
2018-05-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68776054. |
|
16 |
CVE-2017-13205 |
200 |
|
+Info |
2018-01-12 |
2018-01-26 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64550583. |
|
17 |
CVE-2017-13204 |
200 |
|
+Info |
2018-01-12 |
2018-01-25 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380237. |
|
18 |
CVE-2017-13203 |
200 |
|
+Info |
2018-01-12 |
2018-01-25 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63122634. |
|
19 |
CVE-2017-13188 |
200 |
|
+Info |
2018-01-12 |
2018-01-25 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786. |
|
20 |
CVE-2017-13187 |
200 |
|
+Info |
2018-01-12 |
2018-01-26 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175. |
|
21 |
CVE-2017-13185 |
200 |
|
+Info |
2018-01-12 |
2018-01-25 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471. |
|
22 |
CVE-2017-13150 |
200 |
|
+Info |
2017-12-06 |
2017-12-19 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132. |
|
23 |
CVE-2017-13149 |
200 |
|
+Info |
2017-12-06 |
2017-12-19 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872. |
|
24 |
CVE-2017-0879 |
200 |
|
+Info |
2017-12-06 |
2017-12-19 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65025028. |
|
25 |
CVE-2017-0854 |
125 |
|
|
2017-11-16 |
2019-10-03 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837. |
|
26 |
CVE-2017-0853 |
|
|
|
2017-11-16 |
2019-10-03 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63121644. |
|
27 |
CVE-2017-0782 |
120 |
|
Exec Code |
2017-09-14 |
2019-10-03 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237. |
|
28 |
CVE-2017-0781 |
119 |
|
Exec Code Overflow |
2017-09-14 |
2019-10-03 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105. |
|
29 |
CVE-2016-5861 |
264 |
|
Overflow |
2017-08-16 |
2017-08-20 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow. |
|
30 |
CVE-2016-3832 |
264 |
|
Bypass |
2016-08-05 |
2016-11-28 |
8.3 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Complete |
|
The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 do not ensure that package data originated from the Package Manager, which allows attackers to bypass an unspecified protection mechanism via a crafted application, aka internal bug 28795098. |
|
31 |
CVE-2016-2433 |
284 |
|
Exec Code |
2017-04-21 |
2017-05-02 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. |
|
32 |
CVE-2016-0809 |
264 |
|
+Priv |
2016-02-07 |
2016-03-14 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in the wifi_cleanup function in bcmdhd/wifi_hal/wifi_hal.cpp in Wi-Fi in Android 6.x before 2016-02-01 allows attackers to gain privileges by leveraging access to the local physical environment during execution of a crafted application, aka internal bug 25753768. |
|
33 |
CVE-2016-0802 |
20 |
|
DoS Exec Code Mem. Corr. |
2016-02-07 |
2019-03-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181. |
|
34 |
CVE-2016-0801 |
20 |
|
DoS Exec Code Mem. Corr. |
2016-02-07 |
2019-03-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029. |
|
35 |
CVE-2015-1536 |
189 |
|
DoS Overflow +Info |
2015-10-01 |
2015-10-01 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
|
Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service (system_server crash) or obtain sensitive system_server memory-content information via a crafted application that leverages improper unmarshalling of bitmaps, aka internal bug 19666945. |
|
36 |
CVE-2013-6271 |
264 |
|
Bypass |
2013-12-14 |
2013-12-18 |
8.8 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
None |
|
Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted application that invokes the updateUnlockMethodAndFinish method in the com.android.settings.ChooseLockGeneric class with the PASSWORD_QUALITY_UNSPECIFIED option. |
