Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8767 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-9933 | 1 Google | 1 Android | 2025-04-20 | N/A |
| Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | ||||
| CVE-2017-8242 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, a race condition exists in a QTEE driver potentially leading to an arbitrary memory write. | ||||
| CVE-2014-9973 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine. | ||||
| CVE-2015-9070 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall. | ||||
| CVE-2017-0861 | 2 Google, Redhat | 4 Android, Enterprise Linux, Rhel Eus and 1 more | 2025-04-20 | N/A |
| Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors. | ||||
| CVE-2017-13157 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An information disclosure vulnerability in the Android system (activitymanagerservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-32990341. | ||||
| CVE-2015-1526 | 1 Google | 1 Android | 2025-04-20 | N/A |
| The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. | ||||
| CVE-2017-13148 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533. | ||||
| CVE-2017-0847 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product: Android. Versions: 8.0. Android ID: A-65540999. | ||||
| CVE-2016-10385 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS. | ||||
| CVE-2017-0766 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688. | ||||
| CVE-2016-10237 | 1 Google | 1 Android | 2025-04-20 | N/A |
| If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory. | ||||
| CVE-2015-9007 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. | ||||
| CVE-2015-9069 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted. | ||||
| CVE-2017-8239 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, userspace-controlled parameters for flash initialization are not sanitized potentially leading to exposure of kernel memory. | ||||
| CVE-2014-9942 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. | ||||
| CVE-2016-10336 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot. | ||||
| CVE-2017-5110 | 6 Apple, Debian, Google and 3 more | 10 Macos, Debian Linux, Android and 7 more | 2025-04-20 | 6.5 Medium |
| Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. | ||||
| CVE-2017-11033 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the coresight-tmc driver, a simultaneous read and enable of the ETR device after changing the buffer size may result in a Use After Free condition of the previous buffer. | ||||
| CVE-2017-8264 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A userspace process can cause a Denial of Service in the camera driver in all Qualcomm products with Android releases from CAF using the Linux kernel. | ||||