Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 15355 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11001 1 Google 1 Android 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read.
CVE-2017-11000 1 Google 1 Android 2026-06-17 6.8 MEDIUM 7.8 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write.
CVE-2017-10999 1 Google 1 Android 2026-06-17 6.8 MEDIUM 7.8 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing locks.
CVE-2017-10998 1 Google 1 Android 2026-06-17 6.8 MEDIUM 7.8 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operation could overflow and produce a result far below the valid region.
CVE-2017-10997 1 Google 1 Android 2026-06-17 6.8 MEDIUM 7.8 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory.
CVE-2017-10996 1 Google 1 Android 2026-06-17 7.1 HIGH 5.5 MEDIUM
In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory violation/out of bounds access.
CVE-2017-10709 2 Elephone, Google 2 P9000, Android 2026-06-17 7.2 HIGH 6.8 MEDIUM
The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess.
CVE-2017-1000460 3 Ffmpeg, Google, Libav 3 Ffmpeg, Chrome, Libav 2026-06-17 4.3 MEDIUM 6.5 MEDIUM
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
CVE-2017-0880 1 Google 1 Android 2026-06-17 7.1 HIGH 6.5 MEDIUM
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID A-65646012.
CVE-2017-0879 1 Google 1 Android 2026-06-17 8.5 HIGH 9.1 CRITICAL
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65025028.
CVE-2017-0878 1 Google 1 Android 2026-06-17 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291.
CVE-2017-0877 1 Google 1 Android 2026-06-17 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937.
CVE-2017-0876 1 Google 1 Android 2026-06-17 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675.
CVE-2017-0874 1 Google 1 Android 2026-06-17 7.1 HIGH 6.5 MEDIUM
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63315932.
CVE-2017-0873 1 Google 1 Android 2026-06-17 7.1 HIGH 6.5 MEDIUM
A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63316255.
CVE-2017-0872 1 Google 1 Android 2026-06-17 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323.
CVE-2017-0871 1 Google 1 Android 2026-06-17 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the Android framework (framework base). Product: Android. Versions: 8.0. Android ID A-65281159.
CVE-2017-0870 1 Google 1 Android 2026-06-17 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the Android framework (libminikin). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807.
CVE-2017-0869 1 Google 1 Android 2026-06-17 7.2 HIGH 7.8 HIGH
NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. This issue is rated as high. Version: N/A. Android ID: A-37776156. References: N-CVE-2017-0869.
CVE-2017-0865 1 Google 1 Android 2026-06-17 4.6 MEDIUM 7.8 HIGH
An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-65025090. References: M-ALPS02973195.