National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.3.5
There are 1,217 matching records.
Displaying matches 241 through 260.
Vuln ID Summary CVSS Severity
CVE-2015-9001

In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:01 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-9000

In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2015-8999

In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2015-8998

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2015-8997

In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2015-8996

In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2015-8995

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2014-9937

In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2014-9936

In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2014-9935

In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

Published: May 16, 2017; 10:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-0625

An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-35142799. References: M-ALPS03161531.

Published: May 12, 2017; 11:29:02 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2017-0620

An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35401052. References: QC-CR#1081711.

Published: May 12, 2017; 11:29:02 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0619

An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. References: QC-CR#826566.

Published: May 12, 2017; 11:29:02 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0618

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35100728. References: M-ALPS03161536.

Published: May 12, 2017; 11:29:02 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0617

An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. References: M-ALPS03149173.

Published: May 12, 2017; 11:29:02 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0616

An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34470286. References: M-ALPS03149160.

Published: May 12, 2017; 11:29:02 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0615

An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34259126. References: M-ALPS03150278.

Published: May 12, 2017; 11:29:02 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0604

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589.

Published: May 12, 2017; 11:29:01 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-0465

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2016-10282

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH