| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791. |
| An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. |
| An information disclosure vulnerability in the kernel camera server. Product: Android. Versions: Android kernel. Android ID A-37512375. |
| An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993. |
| An elevation of privilege vulnerability in the kernel file system. Product: Android. Versions: Android kernel. Android ID A-31269937. |
| An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. |
| An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280. |
| Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file. |
| Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file. |
| An elevation of privilege vulnerability in the kernel binder. Product: Android. Versions: Android kernel. Android ID A-64216036. |
| An elevation of privilege vulnerability in the Broadcom wireless driver. Product: Android. Versions: Android kernel. Android ID A-63930471. References: BC-V2017092501. |
| Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted certificate. |
| An elevation of privilege vulnerability in the kernel mtp usb driver. Product: Android. Versions: Android kernel. Android ID A-37429972. |
| Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution. |
| An information disclosure vulnerability in the kernel binder driver. Product: Android. Versions: Android kernel. Android ID A-36007193. |
| A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362. |
| An elevation of privilege vulnerability in the MediaTek performance service. Product: Android. Versions: Android kernel. Android ID A-64316572. References: M-ALPS03479086. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient. |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE contains fewer than 1 byte, a buffer overrun occurs. |
