Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-15482

  • EPSS 0.09%
  • Veröffentlicht 17.08.2018 20:29:16
  • Zuletzt bearbeitet 21.11.2024 03:50:54

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. The LG ID is LVE-SMP-180006.

6.8

CVE-2018-5383

  • EPSS 0.81%
  • Veröffentlicht 07.08.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:42

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generat...

9.8

CVE-2018-14066

Exploit
  • EPSS 0.1%
  • Veröffentlicht 15.07.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:48:33

The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affect...

7

CVE-2018-5873

  • EPSS 0.11%
  • Veröffentlicht 06.07.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:36

An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux ke...

7.5

CVE-2018-5886

  • EPSS 0.12%
  • Veröffentlicht 06.07.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:38

A pointer in an ADSPRPC command is not properly validated in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), which can lead to kernel memory being accessed.

7.8

CVE-2018-5907

  • EPSS 0.02%
  • Veröffentlicht 06.07.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:40

Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

7.8

CVE-2017-15851

  • EPSS 0.02%
  • Veröffentlicht 06.07.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:15:20

Lack of copy_from_user and information leak in function "msm_ois_subdev_do_ioctl, file msm_ois.c can lead to a camera crash in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel

7.8

CVE-2018-11304

  • EPSS 0.02%
  • Veröffentlicht 06.07.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:06

Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

7.8

CVE-2018-3570

  • EPSS 0.02%
  • Veröffentlicht 06.07.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:05:41

In the cpuidle driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, the list_for_each macro was not used correctly which could lead to an untrusted pointer dereference.

10

CVE-2018-3586

  • EPSS 0.18%
  • Veröffentlicht 06.07.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:05:42

An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.