Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Android
Total 8448 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14496 6 Canonical, Debian, Google and 3 more 8 Ubuntu Linux, Debian Linux, Android and 5 more 2025-04-20 7.8 HIGH 7.5 HIGH
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
CVE-2017-8240 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.
CVE-2016-10282 1 Google 1 Android 2025-04-20 7.6 HIGH 7.0 HIGH
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189.
CVE-2017-0388 1 Google 1 Android 2025-04-20 2.1 LOW 5.5 MEDIUM
An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32523490.
CVE-2017-11061 1 Google 1 Android 2025-04-20 5.0 MEDIUM 7.5 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing cfg80211 vendor sub command QCA_NL80211_VENDOR_SUBCMD_ROAM, a buffer over-read can occur.
CVE-2017-0671 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.
CVE-2017-8270 1 Google 1 Android 2025-04-20 5.1 MEDIUM 7.0 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.
CVE-2017-0799 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
A elevation of privilege vulnerability in the MediaTek lastbus. Product: Android. Versions: Android kernel. Android ID: A-36731602. References: M-ALPS03342072.
CVE-2017-5108 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2025-04-20 6.8 MEDIUM 8.8 HIGH
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.
CVE-2017-0725 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194.
CVE-2014-9968 1 Google 1 Android 2025-04-20 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.
CVE-2017-0479 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32707507.
CVE-2017-0599 1 Google 1 Android 2025-04-20 7.1 HIGH 5.5 MEDIUM
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34672748.
CVE-2017-0735 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864.
CVE-2016-8446 1 Google 1 Android 2025-04-20 7.6 HIGH 7.0 HIGH
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747749. References: MT-ALPS02968909.
CVE-2017-0429 2 Google, Linux 2 Android, Linux Kernel 2025-04-20 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32636619. References: N-CVE-2017-0429.
CVE-2017-0851 1 Google 1 Android 2025-04-20 5.0 MEDIUM 5.3 MEDIUM
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-35430570.
CVE-2017-0676 1 Google 1 Android 2025-04-20 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431.
CVE-2015-9073 1 Google 1 Android 2025-04-20 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.
CVE-2015-9050 1 Google 1 Android 2025-04-20 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access can occur during a CA call.