Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:google:android:2.0.3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-5861 |
In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 8.3 HIGH |
CVE-2016-5860 |
In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2016-5859 |
In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2016-5858 |
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.7 MEDIUM V2.0: 2.6 LOW |
CVE-2016-5855 |
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.7 MEDIUM V2.0: 2.6 LOW |
CVE-2016-5854 |
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.7 MEDIUM V2.0: 2.6 LOW |
CVE-2016-5853 |
In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2016-5347 |
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. Published: August 16, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.7 MEDIUM V2.0: 2.6 LOW |
CVE-2017-0750 |
A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013. Published: August 09, 2017; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-0749 |
A elevation of privilege vulnerability in the Upstream Linux linux kernel. Product: Android. Versions: Android kernel. Android ID: A-36007735. Published: August 09, 2017; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-0747 |
A elevation of privilege vulnerability in the Qualcomm proprietary component. Product: Android. Versions: Android kernel. Android ID: A-32524214. References: QC-CR#2044821. Published: August 09, 2017; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-0746 |
A elevation of privilege vulnerability in the Qualcomm ipa driver. Product: Android. Versions: Android kernel. Android ID: A-35467471. References: QC-CR#2029392. Published: August 09, 2017; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-0742 |
A elevation of privilege vulnerability in the MediaTek video driver. Product: Android. Versions: Android kernel. Android ID: A-36074857. References: M-ALPS03275524. Published: August 09, 2017; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-0741 |
A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523. Published: August 09, 2017; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-0740 |
A remote code execution vulnerability in the Broadcom networking driver. Product: Android. Versions: Android kernel. Android ID: A-37168488. References: B-RB#116402. Published: August 09, 2017; 5:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2015-3839 |
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). Published: August 07, 2017; 1:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2017-2278 |
The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: August 02, 2017; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-3742 |
In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to the user's contents could connect to the Connect2 hotspot and see the contents of files while they are being transferred between the two systems. Published: July 17, 2017; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 2.3 LOW |
CVE-2017-6249 |
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34373711. References: N-CVE-2017-6249. Published: July 13, 2017; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
CVE-2017-3750 |
On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749. Published: June 29, 2017; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 6.4 MEDIUM V2.0: 6.9 MEDIUM |