Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android sdk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1001
dexdump in Android SDK prior to 2.3 does not properly perform structural verification, which allows user-assisted remote malicious users to cause a denial of service (dexdump crash) and possibly execute arbitrary code via a malformed APK or dex file that calls a method using more...
Google Android Sdk 1.6
Google Android Sdk 1.5
Google Android Sdk
Google Android Sdk 2.1
Google Android Sdk 1.1
Google Android Sdk 2.0
Google Android Sdk 2.0.1
NA
CVE-2008-0986
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and previous versions, and m5-rc14, allows remote malicious users to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.
Google Android Sdk
Google Android Sdk M5-rc14
1 EDB exploit
NA
CVE-2008-0985
Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and previous versions allows remote malicious users to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height an...
Google Android Sdk M3-rc37a
1 EDB exploit
NA
CVE-2014-1909
Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based ...
Opensuse Opensuse 12.3
Google Android Debug Bridge -
Google Android Sdk Platform Tools 18.0.1
Opensuse Opensuse 13.1
7.8
CVSSv3
CVE-2023-20906
In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. This could lead to local escalation of privilege after updating an app to a higher Target SDK with no addition...
Google Android 11.0
Google Android 12.0
Google Android 12.1
Google Android 13.0
7.5
CVSSv3
CVE-2021-25417
Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.
Google Android 9.0
Google Android 10.0
7.8
CVSSv3
CVE-2021-23243
In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used.
Google Android 11.0
9.8
CVSSv3
CVE-2016-11038
An issue exists on Samsung mobile devices with software through 2016-04-05 (incorporating the Samsung Professional Audio SDK). The Jack audio service doesn't implement access control for shared memory, leading to arbitrary code execution or privilege escalation. The Samsung ...
Google Android -
7.3
CVSSv3
CVE-2023-0460
The YouTube Embedded 1.2 SDK binds to a service within the YouTube Main App. After binding, a remote context is created with the flags Context.CONTEXT_INCLUDE_CODE | Context.CONTEXT_IGNORE_SECURITY. This allows the client app to remotely load code from YouTube Main App by retriev...
Google Youtube Android Player Api
5.5
CVSSv3
CVE-2020-0106
In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...
Google Android 10.0
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »