Filtered by vendor Google
Subscribe
Total
14440 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5092 | 3 Debian, Google, Microsoft | 3 Debian Linux, Chrome, Windows | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2017-0865 | 1 Google | 1 Android | 2026-05-13 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-65025090. References: M-ALPS02973195. | |||||
| CVE-2017-8255 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot. | |||||
| CVE-2017-0405 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger process. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-31960359. | |||||
| CVE-2016-5856 | 2 Google, Linux | 2 Android, Linux Kernel | 2026-05-13 | 7.6 HIGH | 7.0 HIGH |
| Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857. | |||||
| CVE-2015-9036 | 1 Google | 1 Android | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted. | |||||
| CVE-2016-5858 | 1 Google | 1 Android | 2026-05-13 | 2.6 LOW | 4.7 MEDIUM |
| In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. | |||||
| CVE-2016-8467 | 1 Google | 1 Android | 2026-05-13 | 4.9 MEDIUM | 5.5 MEDIUM |
| An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784. | |||||
| CVE-2016-8480 | 2 Google, Linux | 2 Android, Linux Kernel | 2026-05-13 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31804432. References: QC-CR#1086186. | |||||
| CVE-2017-0490 | 1 Google | 1 Android | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33178389. | |||||
| CVE-2015-9052 | 1 Google | 1 Android | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached while processing a downlink message. | |||||
| CVE-2017-0588 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34618607. | |||||
| CVE-2017-11046 | 1 Google | 1 Android | 2026-05-13 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentially occur. | |||||
| CVE-2017-5032 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2017-0692 | 1 Google | 1 Android | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407. | |||||
| CVE-2017-8258 | 1 Google | 1 Android | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver. | |||||
| CVE-2017-0556 | 1 Google | 1 Android | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34093952. | |||||
| CVE-2015-9048 | 1 Google | 1 Android | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP packets. | |||||
| CVE-2015-9066 | 1 Google | 1 Android | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure. | |||||
| CVE-2017-9724 | 1 Google | 1 Android | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, user-level permissions can be used to gain access to kernel memory, specifically the ION cache maintenance code is writing to a user supplied address. | |||||