U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:google:android:2.3
There are 759 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2017-3748

On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).

Published: June 29, 2017; 11:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2015-3840

The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission.

Published: June 27, 2017; 4:29:00 PM -0400
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-0625

An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-35142799. References: M-ALPS03161531.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-0620

An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35401052. References: QC-CR#1081711.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0619

An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. References: QC-CR#826566.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0618

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35100728. References: M-ALPS03161536.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0617

An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. References: M-ALPS03149173.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0616

An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34470286. References: M-ALPS03149160.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0615

An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34259126. References: M-ALPS03150278.

Published: May 12, 2017; 11:29:02 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-0604

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589.

Published: May 12, 2017; 11:29:01 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0465

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10282

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10281

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175647. References: M-ALPS02696475.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10280

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175767. References: M-ALPS02696445.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2016-10276

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32952839. References: QC-CR#1094105.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-10275

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-34514954. References: QC-CR#1009111.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2016-10274

An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901.

Published: May 12, 2017; 11:29:00 AM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0331

An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. References: N-CVE-2017-0331.

Published: May 02, 2017; 5:59:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2015-9004

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

Published: May 02, 2017; 5:59:00 PM -0400
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2014-9940

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

Published: May 02, 2017; 5:59:00 PM -0400
V3.1: 7.0 HIGH
V2.0: 7.6 HIGH