Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:google:android:2.3.5
There are 1,228 matching records.
Displaying matches 261 through 280.
Vuln ID Summary CVSS Severity
CVE-2014-9935

In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0625

An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-35142799. References: M-ALPS03161531.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0620

An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35401052. References: QC-CR#1081711.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0619

An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. References: QC-CR#826566.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0618

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35100728. References: M-ALPS03161536.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0617

An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. References: M-ALPS03149173.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0616

An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34470286. References: M-ALPS03149160.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0615

An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34259126. References: M-ALPS03150278.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0604

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589.

Published: May 12, 2017; 11:29:01 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0465

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10282

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10281

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175647. References: M-ALPS02696475.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10280

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175767. References: M-ALPS02696445.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10276

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32952839. References: QC-CR#1094105.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-10275

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-34514954. References: QC-CR#1009111.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-10274

An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0331

An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. References: N-CVE-2017-0331.

Published: May 02, 2017; 5:59:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-9004

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

Published: May 02, 2017; 5:59:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2014-9940

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

Published: May 02, 2017; 5:59:00 PM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-2433

The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.

Published: April 21, 2017; 4:59:00 PM -0400
V3.0: 8.8 HIGH
V2.0: 8.3 HIGH