| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed. |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. |
| In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183. |
| In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033. |
| In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597. |
| An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. |
| Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009. |
| The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656. |
| The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application. |
