| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. |
| mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. |
| b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash). |
| Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. |
| Cross-site scripting (XSS) vulnerability in Good for Enterprise for Android 2.8.0.398 and 1.9.0.40. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration. |
| HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing. |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. |
| In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. |
| In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. |
| In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. |
| In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled. |
| In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs. |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. |
| In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. |
| In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine. |
| In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory. |
