Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

google android 4.2.1 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2014-6041
The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\u0000javascript: sequence to the Android Browser application 4.2.1 or...
Google Android Browser 4.2.1
NA
CVE-2013-6271
Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted application that invokes the updateUnlockMethodAndFinish method in the com.android.settings.ChooseLockGeneric class with the PASSWORD_QUALITY_UNSPECIFIED option....
Google Android 4.2.1Google Android 4.0Google Android 4.2Google Android 4.0.2Google Android 4.0.3Google Android 4.0.4Google Android 4.1Google Android 4.3Google Android 4.2.2Google Android 4.0.1Google Android 4.1.2
NA
CVE-2014-1939
java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at...
Google Android 4.0.3Google Android 4.0.2Google Android 4.0.1Google Android 4.0Google AndroidGoogle Android 4.3Google Android 4.2.2Google Android 4.2.1Google Android 4.2Google Android 4.1Google Android 4.1.2Google Android 4.0.4Lenovo Shareit
NA
CVE-2013-7372
The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in...
Google Android 4.0Apache HarmonyGoogle Android 4.3Google Android 4.0.3Google Android 4.0.1Google Android 4.2.2Google Android 4.2.1Google Android 4.2Google Android 4.1.2Google Android 4.1Google AndroidGoogle Android 4.0.4Google Android 4.0.2
7.5
CVSSv3
CVE-2016-3753
mediaserver in Android 4.x before 4.4.4 allows remote attackers to obtain sensitive information via unspecified vectors, aka internal bug 27210135....
Google Android 4.4.3Google Android 4.2.1Google Android 4.1.2Google Android 4.0.1Google Android 4.1Google Android 4.0.4Google Android 4.0.3Google Android 4.0.2Google Android 4.4.1Google Android 4.4Google Android 4.3.1Google Android 4.3Google Android 4.4.2Google Android 4.2.2Google Android 4.2Google Android 4.0
5.5
CVSSv3
CVE-2016-3818
libc in Android 4.x before 4.4.4 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28740702....
Google Android 4.4.2Google Android 4.4Google Android 4.2Google Android 4.1Google Android 4.4.3Google Android 4.4.1Google Android 4.1.2Google Android 4.0.4Google Android 4.3.1Google Android 4.3Google Android 4.2.2Google Android 4.2.1Google Android 4.0.3Google Android 4.0.2Google Android 4.0.1Google Android 4.0
5.5
CVSSv3
CVE-2016-6767
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4. Android ID: A-31833604....
Google Android 4.0.3Google Android 4.0.4Google Android 4.1Google Android 4.1.2Google Android 4.2Google Android 4.4Google Android 4.4.1Google Android 4.4.2Google Android 4.4.3Google Android 4.0Google Android 4.0.2Google Android 4.2.2Google Android 4.3.1Google Android 4.4.4Google Android 4.0.1Google Android 4.2.1Google Android 4.3
7.8
CVSSv3
CVE-2016-2482
The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature...
Google Android 6.0.1Google Android 6.0Google Android 4.0.2Google Android 4.0.1Google Android 4.0Google Android 4.2.2Google Android 4.2.1Google Android 4.2Google Android 4.1.2Google Android 5.1Google Android 5.0Google Android 4.3Google Android 4.1.1Google Android 4.0.4Google Android 5.0.1Google Android 4.3.1Google Android 4.1Google Android 4.0.3
7.8
CVSSv3
CVE-2016-2480
The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate certain OMX parameter data structures, which allows attackers to gain privileges via a crafted application, as...
Google Android 6.0.1Google Android 6.0Google Android 4.0.3Google Android 4.0.2Google Android 4.0.1Google Android 4.0Google Android 4.3Google Android 4.2.2Google Android 4.2.1Google Android 4.2Google Android 5.0.1Google Android 4.3.1Google Android 4.1.2Google Android 4.1Google Android 5.1Google Android 5.0Google Android 4.1.1Google Android 4.0.4
7.8
CVSSv3
CVE-2016-2478
mm-video-v4l2/vidc/vdec/src/omx_vdec_msm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...
Google Android 4.1Google Android 4.0.4Google Android 4.0.3Google Android 4.0.2Google Android 5.0Google Android 4.3.1Google Android 4.3Google Android 4.2.2Google Android 6.0.1Google Android 5.1Google Android 4.2Google Android 4.1.1Google Android 4.0.1Google Android 6.0Google Android 5.0.1Google Android 4.2.1Google Android 4.1.2Google Android 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
elevation of privilegeCVE-2022-42331CVE-2023-24709CVE-2023-27569open redirectinjectionCVE-2023-27087
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook