Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-3598

  • EPSS 0.12%
  • Veröffentlicht 03.04.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:05:44

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, insufficient validation of parameters from userspace in the camera driver can lead to i...

7.5

CVE-2017-15859

  • EPSS 0.12%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:15:21

While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-...

9.8

CVE-2017-17766

  • EPSS 0.18%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:18:37

In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allo...

5.5

CVE-2017-17769

  • EPSS 0.02%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:18:37

Information leakage in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the audio driver.

7.8

CVE-2017-17771

  • EPSS 0.02%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:18:37

In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur.

4.7

CVE-2017-9691

  • EPSS 0.02%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:36:39

There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver.

7.8

CVE-2017-9692

  • EPSS 0.05%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:36:39

When an atomic commit is issued on a writeback panel with a NULL output_layer parameter in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-03, a NULL pointer dereference may potentially occur.

5.5

CVE-2017-9693

  • EPSS 0.04%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:36:39

The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra byte...

7.8

CVE-2017-9723

  • EPSS 0.02%
  • Veröffentlicht 30.03.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:36:42

The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of the stack.

7.5

CVE-2017-11087

  • EPSS 0.11%
  • Veröffentlicht 30.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:07:04

libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context ...