| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2022-39914 | 863 | | | 2022-12-08 | 2022-12-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information. |
| 2 | CVE-2022-39913 | 863 | | | 2022-12-08 | 2022-12-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information. |
| 3 | CVE-2022-39912 | 755 | | | 2022-12-08 | 2022-12-12 | 0.0 | None | ??? | ??? | ??? | ??? | ??? | ??? | Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder. |
| 4 | CVE-2022-23729 | 287 | | | 2022-03-04 | 2022-03-11 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete | When the device is in factory state, the shell can be accessed without the adb authentication process. The LG ID is LVE-SMP-210010. |
| 5 | CVE-2022-23728 | | | | 2022-01-21 | 2022-07-11 | 6.6 | None | Local | Low | Not required | None | Complete | Complete | Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011. |
| 6 | CVE-2021-0920 | 362 | | | 2021-12-15 | 2022-07-12 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196926917 References: Upstream kernel |
| 7 | CVE-2020-13843 | 20 | | DoS | 2020-06-05 | 2021-07-21 | 4.9 | None | Local | Low | Not required | None | None | Complete | An issue was discovered on LG mobile devices with Android OS software before 2020-06-01. Local users can cause a denial of service because checking of the userdata partition is mishandled. The LG ID is LVE-SMP-200014 (June 2020). |
| 8 | CVE-2019-20606 | 20 | | | 2020-03-24 | 2021-07-21 | 5.8 | None | Remote | Medium | Not required | None | Partial | Partial | An issue was discovered on Samsung mobile devices with any (before May 2019) software. A phishing attack against OMACP can change the network and internet settings. The Samsung ID is SVE-2019-14073 (May 2019). |
| 9 | CVE-2019-9468 | 415 | | Mem. Corr. | 2020-01-06 | 2021-07-21 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-139683471 |
| 10 | CVE-2019-9465 | | | | 2020-01-07 | 2020-08-24 | 2.1 | None | Local | Low | Not required | Partial | None | None | In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-133258003 |
| 11 | CVE-2018-15835 | 732 | | | 2018-11-30 | 2020-08-24 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. |
| 12 | CVE-2018-11304 | 190 | | Overflow | 2018-07-06 | 2018-09-07 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. |
| 13 | CVE-2018-6254 | 200 | | +Info | 2018-05-10 | 2018-06-14 | 2.1 | None | Local | Low | Not required | Partial | None | None | In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. This issue is rated as moderate. Android: A-64340684. Reference: N-CVE-2018-6254. |
| 14 | CVE-2018-6246 | 200 | | +Info | 2018-05-10 | 2018-06-14 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246. |
| 15 | CVE-2018-5907 | 190 | | Overflow | 2018-07-06 | 2019-10-03 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. |
| 16 | CVE-2017-11041 | | | | 2017-09-21 | 2019-10-03 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another. |
| 17 | CVE-2017-11040 | 200 | | +Info | 2017-09-21 | 2017-09-26 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to. |
| 18 | CVE-2017-11002 | 125 | | | 2017-09-21 | 2019-10-03 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur. |
| 19 | CVE-2017-11001 | 200 | | +Info | 2017-09-21 | 2017-09-26 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read. |
| 20 | CVE-2017-11000 | 119 | | Overflow | 2017-09-21 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write. |
| 21 | CVE-2017-10999 | 119 | | Overflow Mem. Corr. | 2017-09-21 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing locks. |
| 22 | CVE-2017-10998 | 119 | | Overflow | 2017-09-21 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operation could overflow and produce a result far below the valid region. |
| 23 | CVE-2017-10997 | 119 | | Overflow Mem. Corr. | 2017-09-21 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory. |
| 24 | CVE-2017-10996 | 200 | | +Info | 2017-09-21 | 2017-09-26 | 7.1 | None | Remote | Medium | Not required | Complete | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory violation/out of bounds access. |
| 25 | CVE-2017-9725 | 682 | | | 2017-09-21 | 2019-10-03 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail. |
| 26 | CVE-2017-9724 | 269 | | | 2017-09-21 | 2019-10-03 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address. |
| 27 | CVE-2017-9720 | 193 | | | 2017-09-21 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur. |
| 28 | CVE-2017-9685 | 362 | | | 2017-08-18 | 2017-08-27 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition. |
| 29 | CVE-2017-9684 | 362 | | | 2017-08-18 | 2017-08-22 | 7.6 | None | Remote | High | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition. |
| 30 | CVE-2017-9682 | 200 | | +Info | 2017-08-18 | 2017-08-22 | 2.6 | None | Remote | High | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition. |
| 31 | CVE-2017-9680 | 200 | | +Info | 2017-08-18 | 2017-08-22 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message. |
| 32 | CVE-2017-9679 | 200 | | +Info | 2017-08-18 | 2017-08-22 | 5.0 | None | Remote | Low | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs. |
| 33 | CVE-2017-9678 | 119 | | Overflow Mem. Corr. | 2017-08-18 | 2017-08-22 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy(). |
| 34 | CVE-2017-9677 | 119 | | Overflow | 2017-09-21 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, while it is not protected with locks. If one thread is running, while another thread is setting data, race conditions will happen. If "ddp->params_length" is set to a big number, a buffer overflow will occur. |
| 35 | CVE-2017-9676 | 200 | | +Info | 2017-09-21 | 2017-09-26 | 2.6 | None | Remote | High | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock. |
| 36 | CVE-2017-8281 | 200 | | +Info | 2017-09-21 | 2017-12-06 | 2.6 | None | Remote | High | Not required | Partial | None | None | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. |
| 37 | CVE-2017-8280 | 119 | | Overflow | 2017-09-21 | 2019-10-03 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch. |
| 38 | CVE-2017-8278 | 190 | | Overflow | 2017-09-21 | 2019-10-03 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. |
| 39 | CVE-2017-8277 | 416 | | | 2017-09-21 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was not removed from list. Use-after-free would occur when traversing the list next time. |
| 40 | CVE-2017-8272 | 787 | | | 2017-08-18 | 2017-08-22 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write. |
| 41 | CVE-2017-8270 | 362 | | | 2017-08-18 | 2017-08-22 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition. |
| 42 | CVE-2017-8268 | 125 | | | 2017-08-18 | 2019-10-03 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read. |
| 43 | CVE-2017-8267 | 362 | | Overflow | 2017-08-18 | 2017-08-22 | 7.6 | None | Remote | High | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write. |
| 44 | CVE-2017-8266 | 362 | | | 2017-08-18 | 2017-08-22 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition. |
| 45 | CVE-2017-8265 | 362 | | | 2017-08-18 | 2017-08-22 | 5.1 | None | Remote | High | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver which can lead to a double free. |
| 46 | CVE-2017-8263 | | | | 2017-08-18 | 2019-10-03 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, a kernel fault can occur when doing certain operations on a read-only virtual address in userspace. |
| 47 | CVE-2017-8262 | 362 | | | 2017-08-18 | 2017-08-23 | 7.6 | None | Remote | High | Not required | Complete | Complete | Complete | In all Qualcomm products with Android releases from CAF using the Linux kernel, in some memory allocation and free functions, a race condition can potentially occur leading to a Use After Free condition. |
| 48 | CVE-2017-8261 | | | | 2017-08-18 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, in a camera driver ioctl, a kernel overwrite can potentially occur. |
| 49 | CVE-2017-8260 | 20 | | | 2017-08-18 | 2018-03-07 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later. |
| 50 | CVE-2017-8257 | 362 | | | 2017-08-18 | 2019-10-03 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use. |