Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android api vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3698
An unspecified function in the Dalvik API in Android 1.5 and previous versions allows remote malicious users to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.
Google Android
NA
CVE-2015-6606
The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android prior to 5.1.1 LMY48T allows malicious users to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786.
Google Android
1 Github repository
6.7
CVSSv3
CVE-2023-21370
In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Google Android
7.8
CVSSv3
CVE-2018-6241
NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High Version...
Google Android -
7.8
CVSSv3
CVE-2018-11852
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write.
Google Android -
7.8
CVSSv3
CVE-2017-11081
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can ho...
Google Android -
7.5
CVSSv3
CVE-2017-18679
An issue exists on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017).
Google Android 6.0
5.3
CVSSv3
CVE-2017-18658
An issue exists on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows malicious users to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017).
Google Android 6.0
5.7
CVSSv3
CVE-2020-24721
An issue exists in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. It allows a user to be put in a position where he or she can be coerced into proving or disproving an exposure notification, bec...
Apple Exposure Notifications
Google Exposure Notifications
7.8
CVSSv3
CVE-2022-20421
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...
Google Android -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »