google android 4.4.4 vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv3

WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not...

Google Android 4.4.4 Google Android 4.2.2 Google Android 4.1.21 EDB exploit available1 Article available

7

CVSSv3

Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a...

Google Android 4.4.42 Github repositories available

7.8

CVSSv3

The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption)...

Google Android 5.0 Google Android 5.1.1 Google Android 4.4.4 Google Android 6.02 Github repositories available

5.5

CVSSv3

A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2,...

Google Android 6.0 Google Android 6.0.1 Google Android 5.0.2 Google Android 5.1.1 Google Android 4.4.4

4.3

CVSSv3

The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service...

Google Android 6.0.1 Google Android 6.0 Google Android 4.4.4 Google Android 5.0 Google Android 5.1.11 Github repository available

7.8

CVSSv3

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or...

Google Android 5.1.1 Google Android 5.0.2 Google Android 6.0.1 Google Android 6.0 Google Android 4.4.4

7.8

CVSSv3

The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013....

Google Android 4.4.4 Google Android 6.0.1 Google Android 5.1.1 Google Android 6.0 Google Android 5.02 Github repositories available

5

CVSSv3

SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a denial of service (continuous rebooting) via a crafted application, aka internal bug 23591205....

Google Android 4.4.4 Google Android 6.0 Google Android 5.0.1 Google Android 5.1.0 Google Android 5.0 Google Android 5.0.2 Google Android 5.1.11 Github repository available

7.8

CVSSv3

A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762....

Google Android 4.4.4

4.6

CVSSv3

Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. (dot dot) in a...

Google Android 4.4.4

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook