U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 1,224 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2017-0770

A elevation of privilege vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38234812.

Published: September 08, 2017; 4:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0768

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62019992.

Published: September 08, 2017; 4:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0767

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.

Published: September 08, 2017; 4:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0766

A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688.

Published: September 08, 2017; 4:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0764

A remote code execution vulnerability in the Android media framework (libvorbis). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872015.

Published: September 08, 2017; 4:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0756

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.

Published: September 08, 2017; 4:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0752

A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835.

Published: September 08, 2017; 4:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-0805

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237701.

Published: August 23, 2017; 8:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-9685

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition.

Published: August 18, 2017; 3:29:00 PM -0400
V3.0: 8.1 HIGH
V2.0: 9.3 HIGH
CVE-2017-9684

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a Use After Free condition.

Published: August 18, 2017; 3:29:00 PM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-9682

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition.

Published: August 18, 2017; 3:29:00 PM -0400
V3.0: 4.7 MEDIUM
V2.0: 2.6 LOW
CVE-2017-9680

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message.

Published: August 18, 2017; 3:29:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-9679

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs.

Published: August 18, 2017; 3:29:00 PM -0400
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-9678

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy().

Published: August 18, 2017; 3:29:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-7364

In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition.

Published: August 18, 2017; 3:29:00 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2017-8272

In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write.

Published: August 18, 2017; 2:29:03 PM -0400
V3.0: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2017-8270

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a driver potentially leading to a use-after-free condition.

Published: August 18, 2017; 2:29:03 PM -0400
V3.0: 7.0 HIGH
V2.0: 5.1 MEDIUM
CVE-2017-8268

In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read.

Published: August 18, 2017; 2:29:03 PM -0400
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-8267

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in an IOCTL handler potentially leading to an integer overflow and then an out-of-bounds write.

Published: August 18, 2017; 2:29:03 PM -0400
V3.0: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2017-8266

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to a use-after-free condition.

Published: August 18, 2017; 2:29:03 PM -0400
V3.0: 7.0 HIGH
V2.0: 5.1 MEDIUM