Search Results (9292 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-11013 1 Google 1 Android 2025-04-20 N/A
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound".
CVE-2017-9684 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition.
CVE-2017-8253 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.
CVE-2017-7364 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition.
CVE-2015-9063 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure involving a remote UIM client.
CVE-2015-9055 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.
CVE-2015-9047 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GNSS when performing a scan after bootup.
CVE-2015-9003 1 Google 1 Android 2025-04-20 N/A
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2016-10280 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175767. References: M-ALPS02696445.
CVE-2017-0440 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33252788. References: QC-CR#1095770.
CVE-2017-0425 1 Google 1 Android 2025-04-20 N/A
An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32720785.
CVE-2017-0410 1 Google 1 Android 2025-04-20 N/A
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31929765.
CVE-2015-9072 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.
CVE-2016-8420 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32451171. References: QC-CR#1087807.
CVE-2015-7889 2 Google, Samsung 2 Android, Galaxy S6 Edge 2025-04-20 N/A
The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent.
CVE-2015-8593 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
CVE-2016-8421 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 N/A
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32451104. References: QC-CR#1087797.
CVE-2015-9039 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in eMBMS where an assertion can be reached by a sequence of downlink messages.
CVE-2015-9040 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API.
CVE-2016-10384 1 Google 1 Android 2025-04-20 N/A
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.