Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android 2.1 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2011-2344
Android Picasa in Android 3.0 and 2.x up to and including 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote malicious users to gain privileges and access private pictures and web albums by sniffing the token from co...
Google Android 2.1
Google Android 2.3
Google Android 2.3.3
Google Android 3.0
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2
Google Android 2.3.4
10
CVSSv2
CVE-2010-1119
Use-after-free vulnerability in WebKit in Apple Safari prior to 5.0 on Mac OS X 10.5 up to and including 10.6 and Windows, Safari prior to 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote malicious users to execute arbitrary code or cause a denial of service (app...
Apple Safari 4.0.4
Apple Safari
Apple Safari 3.0.1
Apple Safari 3.0.1b
Apple Safari 3.1
Apple Safari 3.1.0
Apple Safari 3.2.3
Apple Safari 2
Apple Safari 2.0.3
Apple Safari 1.0.2
Apple Safari 1.0.3
Apple Safari 1.1.1
Apple Safari 1.2
Apple Safari 1.3.0
Apple Safari 1.3.1
Apple Safari 4.0.0b
Apple Safari 4.0
Apple Safari 4.1
Apple Safari 3.0.2
Apple Safari 3.0.2b
Apple Safari 3.1.0b
Apple Safari 3.1.1
1 EDB exploit
9.3
CVSSv2
CVE-2013-4787
Android 1.6 Donut up to and including 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows malicious users to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic s...
Google Android 2.3.3
Google Android 2.3.4
Google Android 4.0
Google Android 4.1.2
Google Android 4.0.4
Google Android 4.0.3
Google Android 4.0.2
Google Android 4.2
Google Android 4.0.1
Google Android 2.3
Google Android 2.2.2
Google Android 1.6
Google Android 2.1
Google Android 3.1
Google Android 2.3.2
Google Android 3.2.2
Google Android 3.2.1
Google Android 2.2.1
Google Android 2.3.5
Google Android 2.2
Google Android 2.3.6
Google Android 3.0
1 EDB exploit
9.3
CVSSv2
CVE-2010-1807
WebKit in Apple Safari 4.x prior to 4.1.2 and 5.x prior to 5.0.2; Android prior to 2.2; and webkitgtk prior to 1.2.6; does not properly validate floating-point data, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via...
Apple Safari 4.0.5
Apple Safari 4.1
Apple Safari 4.0.0b
Apple Safari 4.1.1
Apple Safari 4.0
Apple Safari 4.0.3
Apple Safari 4.0.4
Apple Safari 4.0.1
Apple Safari 4.0.2
Apple Safari 5.0.1
Apple Safari 5.0
Google Android
Google Android 1.6
Google Android 1.5
Google Android 2.0
Google Android 1.1
Google Android 1.0
Webkitgtk Webkitgtk 1.2.0
Webkitgtk Webkitgtk 1.2.2
Webkitgtk Webkitgtk 1.2.1
Webkitgtk Webkitgtk 1.2.4
Webkitgtk Webkitgtk 1.2.3
2 EDB exploits
7.8
CVSSv2
CVE-2011-3918
The Zygote process in Android 4.0.3 and previous versions accepts fork requests from processes with arbitrary UIDs, which allows remote malicious users to cause a denial of service (reboot loop) via a crafted application.
Google Android 2.2.3
Google Android 2.0.1
Google Android 1.0
Google Android 3.2.6
Google Android 1.6
Google Android 2.1
Google Android 3.2.4
Google Android 3.2
Google Android 3.2.2
Google Android 4.0.2
Google Android 2.3
Google Android 2.3.6
Google Android 4.0.1
Google Android 2.3.3
Google Android 3.0
Google Android 2.0
Google Android 2.3.1
Google Android 2.3.5
Google Android 1.5
Google Android 3.1
Google Android 2.2.1
Google Android 2.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2014-8507
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android prior to 5.0.0 allow remote malicious users to execute arbitrary SQL commands, and consequently launch ...
Google Android 4.0.3
Google Android 4.0.2
Google Android 4.0.1
Google Android 4.0
Google Android 2.3.2
Google Android 2.3.1
Google Android 4.4
Google Android 4.3.1
Google Android 4.3
Google Android 4.2.2
Google Android 4.2.1
Google Android 3.2
Google Android 3.1
Google Android 3.0
Google Android 2.3.7
Google Android 2.1
Google Android 2.0.1
Google Android 2.0
Google Android 1.6
Google Android 2.3
Google Android 2.2.3
Google Android
1 EDB exploit
7.5
CVSSv2
CVE-2013-7373
Android prior to 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for malicious users to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.
Google Android 1.0
Google Android 1.1
Google Android 1.5
Google Android 1.6
Google Android 2.3.4
Google Android 2.3.5
Google Android 2.3.6
Google Android 2.3.7
Google Android 4.1.2
Google Android 4.2
Google Android 4.2.1
Google Android 4.2.2
Google Android 2.0
Google Android 2.1
Google Android 2.3
Google Android 2.3.2
Google Android 3.1
Google Android 3.2.1
Google Android 4.0.1
Google Android 4.0.3
Google Android 4.1
Google Android 4.3
7.2
CVSSv2
CVE-2014-7911
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android prior to 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization, which allows malicious users to execute arbitrary...
Google Android 2.2.3
Google Android 2.0.1
Google Android 1.0
Google Android 3.2.6
Google Android 4.2
Google Android 1.6
Google Android 2.1
Google Android 4.1
Google Android 3.2.4
Google Android 3.2
Google Android 3.2.2
Google Android 4.0.2
Google Android 2.3
Google Android 4.4.3
Google Android 2.3.6
Google Android 4.0.4
Google Android 4.3
Google Android 4.0.1
Google Android 2.3.3
Google Android 3.0
Google Android 2.0
Google Android 4.2.1
10 Github repositories
7.2
CVSSv2
CVE-2011-1823
The vold volume manager daemon on Android 3.0 and 2.x prior to 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in t...
Google Android 2.2.3
Google Android 2.1
Google Android 2.3
Google Android 2.3.3
Google Android 3.0
Google Android 2.3.1
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2
Google Android 2.3.2
7.2
CVSSv2
CVE-2011-1149
Android prior to 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and...
Google Android 1.6
Google Android 2.1
Google Android 1.5
Google Android 2.2.1
Google Android 2.2
Google Android
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »