National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.0
There are 1,210 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2017-6249

An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34373711. References: N-CVE-2017-6249.

Published: July 13, 2017; 12:29:00 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-3750

On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749.

Published: June 29, 2017; 11:29:00 AM -04:00
V3.0: 6.4 MEDIUM
    V2: 6.9 MEDIUM
CVE-2017-3749

On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750.

Published: June 29, 2017; 11:29:00 AM -04:00
V3.0: 6.4 MEDIUM
    V2: 6.9 MEDIUM
CVE-2017-3748

On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).

Published: June 29, 2017; 11:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2015-3840

The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission.

Published: June 27, 2017; 04:29:00 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2017-8242

In all Android releases from CAF using the Linux kernel, a race condition exists in a QTEE driver potentially leading to an arbitrary memory write.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-8241

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8240

In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8239

In all Android releases from CAF using the Linux kernel, userspace-controlled parameters for flash initialization are not sanitized potentially leading to exposure of kernel memory.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-8238

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8237

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8236

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8235

In all Android releases from CAF using the Linux kernel, a memory structure in a camera driver is not properly protected.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-8234

In all Android releases from CAF using the Linux kernel, an out of bounds access can potentially occur in a camera function.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-8233

In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-7373

In all Android releases from CAF using the Linux kernel, a double free vulnerability exists in a display driver.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-7372

In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-7371

In all Android releases from CAF using the Linux kernel, a data pointer is potentially used after it has been freed when SLIMbus is turned off by Bluetooth.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-7370

In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-7369

In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption.

Published: June 13, 2017; 04:29:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH