Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
9064 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6788 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31224428. References: MT-ALPS02943467. | ||||
| CVE-2017-0400 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32584034. | ||||
| CVE-2017-0385 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32585400. | ||||
| CVE-2016-5349 | 1 Google | 1 Android | 2025-04-20 | N/A |
| The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications inside Qualcomm Secure Execution Environment (QSEE) receive memory addresses from a high level operating system (HLOS) such as Linux Android, those address have previously been verified as belonging to HLOS memory space rather than QSEE memory space, but they were not verified to be from HLOS user space rather than kernel space. This lack of verification could lead to privilege escalation within the HLOS. | ||||
| CVE-2016-5347 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. | ||||
| CVE-2016-6773 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An information disclosure vulnerability in the ih264d decoder in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-30481714. | ||||
| CVE-2016-6771 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in Telephony could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-31566390. | ||||
| CVE-2017-0645 | 1 Google | 1 Android | 2025-04-20 | N/A |
| An elevation of privilege vulnerability in Bluetooth could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35385327. | ||||
| CVE-2014-9922 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | N/A |
| The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | ||||
| CVE-2014-9923 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| CVE-2014-9924 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | ||||
| CVE-2014-9925 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| CVE-2014-9926 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||||
| CVE-2014-9928 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| CVE-2014-9930 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||||
| CVE-2014-9932 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | ||||
| CVE-2014-9933 | 1 Google | 1 Android | 2025-04-20 | N/A |
| Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | ||||
| CVE-2014-9934 | 1 Google | 1 Android | 2025-04-20 | N/A |
| A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | ||||
| CVE-2014-9935 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | ||||
| CVE-2014-9936 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel. | ||||