) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): android
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2015-9027 |
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2015-9026 |
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2015-9025 |
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2015-9024 |
In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-9023 |
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2015-9022 |
In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Conditions exist in several TZ APIs. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
| CVE-2015-9021 |
In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2015-9020 |
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2014-9967 |
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2014-9966 |
In all Android releases from CAF using the Linux kernel, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists in Secure Display. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.0 HIGH V2.0: 7.6 HIGH |
| CVE-2014-9965 |
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2014-9964 |
In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2014-9963 |
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2014-9962 |
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2014-9961 |
In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2014-9960 |
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. Published: June 13, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-7816 |
The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: June 09, 2017; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-7805 |
The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Published: June 09, 2017; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-5648 |
Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate. Published: June 08, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2014-7919 |
b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash). Published: June 08, 2017; 4:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |