Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-15828

  • EPSS 0.02%
  • Veröffentlicht 18.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:15:18

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow.

5.5

CVE-2017-15844

  • EPSS 0.02%
  • Veröffentlicht 18.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:15:19

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the function for writing device values into flash, uninitialized memory can be written to flash.

8.8

CVE-2018-11263

  • EPSS 0.12%
  • Veröffentlicht 06.09.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:01

In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access the buffer to copy the radio stats received for each radio from FW. If the radio_id rec...

7.8

CVE-2018-11262

  • EPSS 0.03%
  • Veröffentlicht 04.09.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:43:00

In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'G...

9.8

CVE-2018-14981

  • EPSS 0.09%
  • Veröffentlicht 17.08.2018 20:29:16
  • Zuletzt bearbeitet 21.11.2024 03:50:14

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. The LG ID is LVE-SMP-180005.

9.8

CVE-2018-14982

  • EPSS 0.09%
  • Veröffentlicht 17.08.2018 20:29:16
  • Zuletzt bearbeitet 21.11.2024 03:50:14

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. The LG ID is LVE-SMP-180004.

9.8

CVE-2018-15482

  • EPSS 0.09%
  • Veröffentlicht 17.08.2018 20:29:16
  • Zuletzt bearbeitet 21.11.2024 03:50:54

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. The LG ID is LVE-SMP-180006.

6.8

CVE-2018-5383

  • EPSS 0.61%
  • Veröffentlicht 07.08.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:42

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generat...

9.8

CVE-2018-14066

Exploit
  • EPSS 0.1%
  • Veröffentlicht 15.07.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:48:33

The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affect...

7

CVE-2018-5873

  • EPSS 0.15%
  • Veröffentlicht 06.07.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:36

An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux ke...