Filtered by vendor Google
Subscribe
Total
13548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3568 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
|
|||||
| CVE-2018-3567 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
|
|||||
| CVE-2018-3566 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overwrite may occur in ProcSetReqInternal() due to missing length check.
|
|||||
| CVE-2018-3565 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur.
|
|||||
| CVE-2018-3564 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.
|
|||||
| CVE-2018-3563 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code execution.
|
|||||
| CVE-2018-3562 | 1 Google | 1 Android | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
|
Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
|
|||||
| CVE-2018-3561 | 1 Google | 1 Android | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition.
|
|||||
| CVE-2018-3560 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Double Free vulnerability exists in Audio Driver while opening a sound compression device.
|
|||||
| CVE-2018-21233 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.
|
|||||
| CVE-2018-21092 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. A crafted AT command may be sent by the DeviceTest application via an NFC tag. The Samsung ID is SVE-2017-10885 (January 2018).
|
|||||
| CVE-2018-21091 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. Telecom has a System Crash via abnormal exception handling. The Samsung ID is SVE-2017-10906 (January 2018).
|
|||||
| CVE-2018-21090 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with software through 2017-11-03 (S.LSI modem chipsets). The Exynos modem chipset has a baseband buffer overflow. The Samsung ID is SVE-2017-10745 (January 2018).
|
|||||
| CVE-2018-21089 | 2 Google, Mediatek | 3 Android, Mt6755, Mt6757 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018).
|
|||||
| CVE-2018-21088 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can cause a reboot because InputMethodManagerService has an unprotected system service. The Samsung ID is SVE-2017-9995 (January 2018).
|
|||||
| CVE-2018-21087 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).
|
|||||
| CVE-2018-21086 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant double free in vnswap_init_backing_storage. The Samsung ID is SVE-2017-11177 (February 2018).
|
|||||
| CVE-2018-21085 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant use-after-free in vnswap_deinit_backing_storage. The Samsung ID is SVE-2017-11176 (February 2018).
|
|||||
| CVE-2018-21084 | 1 Google | 1 Android | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.x) software. There is a race condition with a resultant read-after-free issue in get_kek. The Samsung ID is SVE-2017-11174 (February 2018).
|
|||||
| CVE-2018-21083 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos or Qualcomm chipsets) software. There is information disclosure (of a kernel address) via trustonic_tee. The Samsung ID is SVE-2017-11175 (February 2018).
|
|||||
| CVE-2018-21082 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 8.4 HIGH |
|
An issue was discovered on Samsung mobile devices with N(7.x) software. Dex Station allows App Pinning bypass and lock-screen bypass via the "Use screen lock type to unpin" option. The Samsung ID is SVE-2017-11106 (February 2018).
|
|||||
| CVE-2018-21081 | 1 Google | 1 Android | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered on Samsung mobile devices with N(7.x) software. In Dual Messenger, the second app can use the runtime permissions of the first app without a user's consent. The Samsung ID is SVE-2017-11018 (March 2018).
|
|||||
| CVE-2018-21080 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
|
An issue was discovered on Samsung mobile devices with N(7.x) software. A physically proximate attacker wielding a magnet can activate NFC to bypass the lockscreen. The Samsung ID is SVE-2017-10897 (March 2018).
|
|||||
| CVE-2018-21079 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018).
|
|||||
| CVE-2018-21078 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-2018-11469 (April 2018).
|
|||||
| CVE-2018-21077 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 2.4 LOW |
|
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018).
|
|||||
| CVE-2018-21076 | 2 Google, Samsung | 3 Android, Exynos 8890, Exynos 8895 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An issue was discovered on Samsung mobile devices with N(7.x) (Exynos8890/8895 chipsets) software. There is information disclosure (a KASLR offset) in the Secure Driver via a modified trustlet. The Samsung ID is SVE-2017-10987 (April 2018).
|
|||||
| CVE-2018-21075 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. The Call+ application can load classes from an unintended path, leading to Code Execution. The Samsung ID is SVE-2017-10886 (April 2018).
|
|||||
| CVE-2018-21074 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018).
|
|||||
| CVE-2018-21073 | 2 Google, Samsung | 6 Android, Galaxy S8, Galaxy S8\+ and 3 more | 2024-11-21 | 2.1 LOW | 2.4 LOW |
|
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) (Galaxy S9+, Galaxy S9, Galaxy S8+, Galaxy S8, Note 8). There is access to Clipboard content in the locked state via the Edge panel. The Samsung ID is SVE-2017-10748 (May 2018).
|
|||||
| CVE-2018-21072 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018).
|
|||||
| CVE-2018-21071 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.0) software. Because of an unprotected intent, an attacker can read arbitrary files and emails, and take over an email account. The Samsung ID is SVE-2018-11633 (May 2018).
|
|||||
| CVE-2018-21070 | 2 Google, Qualcomm | 3 Android, Msm8998, Sdm845 | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
An issue was discovered on Samsung mobile devices with N(7.x), O(8.0) devices (MSM8998 or SDM845 chipsets) software. An attacker can bypass Secure Boot and obtain root access because of a missing Bootloader integrity check. The Samsung ID is SVE-2018-11552 (May 2018).
|
|||||
| CVE-2018-21069 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with N(7.x) (MediaTek chipsets) software. There is information disclosure (of kernel stack memory) in a MediaTek driver. The Samsung ID is SVE-2018-11852 (July 2018).
|
|||||
| CVE-2018-21068 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
|
An issue was discovered on Samsung mobile devices with O(8.0) software. Execution of an application in a locked Secure Folder can occur without a password via a split screen. The Samsung ID is SVE-2018-11669 (July 2018).
|
|||||
| CVE-2018-21067 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An issue was discovered on Samsung mobile devices with M(6.0) software. There is an information disclosure in a Trustlet because an address is logged. The Samsung ID is SVE-2018-11600 (July 2018).
|
|||||
| CVE-2018-21066 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with M(6.0) (Exynos or MediaTek chipsets) software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 (July 2018).
|
|||||
| CVE-2018-21065 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is an integer underflow in eCryptFS because of a missing size check. The Samsung ID is SVE-2017-11855 (August 2018).
|
|||||
| CVE-2018-21064 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is an array overflow in a driver's input booster. The Samsung ID is SVE-2017-11816 (August 2018).
|
|||||
| CVE-2018-21063 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) (Exynos chipsets) software. Keymaster has an architectural problem because tlApi in TEE is not properly protected. The Samsung ID is SVE-2018-11792 (August 2018).
|
|||||