Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Android
Total 8318 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-8279 1 Google 1 Android 2025-04-20 5.0 MEDIUM 7.5 HIGH
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read. Also access to freed memory can happen while updating msg_mask information.
CVE-2016-5867 1 Google 1 Android 2025-04-20 7.6 HIGH 7.0 HIGH
In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.
CVE-2016-6767 1 Google 1 Android 2025-04-20 7.1 HIGH 5.5 MEDIUM
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4. Android ID: A-31833604.
CVE-2017-0635 1 Google 1 Android 2025-04-20 7.1 HIGH 5.5 MEDIUM
A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-35467107.
CVE-2017-0773 1 Google 1 Android 2025-04-20 7.1 HIGH 5.5 MEDIUM
A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37615911.
CVE-2017-11040 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to.
CVE-2017-13162 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the kernel binder. Product: Android. Versions: Android kernel. Android ID A-64216036.
CVE-2015-9001 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2017-0870 1 Google 1 Android 2025-04-20 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the Android framework (libminikin). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807.
CVE-2017-13165 1 Google 1 Android 2025-04-20 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability in the kernel file system. Product: Android. Versions: Android kernel. Android ID A-31269937.
CVE-2016-10342 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
CVE-2017-0860 1 Google 1 Android 2025-04-20 4.6 MEDIUM 5.3 MEDIUM
An elevation of privilege vulnerability in the Android system (inputdispatcher). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-31097064.
CVE-2017-0539 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33864300.
CVE-2017-5106 6 Apple, Debian, Google and 3 more 9 Macos, Debian Linux, Android and 6 more 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
CVE-2017-0690 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202.
CVE-2017-0798 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36100671. References: M-ALPS03365532.
CVE-2017-0804 1 Google 1 Android 2025-04-20 6.8 MEDIUM 7.8 HIGH
A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487.
CVE-2017-5072 1 Google 2 Android, Chrome 2025-04-20 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page.
CVE-2017-0668 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579.
CVE-2017-9706 1 Google 1 Android 2025-04-20 4.6 MEDIUM 7.8 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an array out-of-bounds access can potentially occur in a display driver.