Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android api vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2017-11081
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can ho...
Google Android -
694
VMScore
CVE-2017-18679
An issue exists on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017).
Google Android 6.0
445
VMScore
CVE-2017-18658
An issue exists on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows malicious users to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017).
Google Android 6.0
732
VMScore
CVE-2013-6282
The (1) get_user and (2) put_user API functions in the Linux kernel prior to 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows malicious users to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exp...
Linux Linux Kernel
2 EDB exploits
8 Github repositories
294
VMScore
CVE-2020-24721
An issue exists in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. It allows a user to be put in a position where he or she can be coerced into proving or disproving an exposure notification, bec...
Apple Exposure Notifications
Google Exposure Notifications
NA
CVE-2022-20421
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...
Google Android -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
580
VMScore
CVE-2015-8269
The API on Fisher-Price Smart Toy Bear devices allows remote malicious users to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.
Fisher-price Smart Toy Bear
7 Github repositories
NA
CVE-2023-25747
A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 110.1.0.
Mozilla Firefox
641
VMScore
CVE-2020-11292
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...
Qualcomm Apq8009 Firmware -
Qualcomm Apq8009w Firmware -
Qualcomm Apq8017 Firmware -
Qualcomm Apq8037 Firmware -
Qualcomm Apq8053 Firmware -
Qualcomm Apq8084 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Aqt1000 Firmware -
Qualcomm Ar6003 Firmware -
Qualcomm Csr6030 Firmware -
Qualcomm Csrb31024 Firmware -
Qualcomm Mdm8207 Firmware -
Qualcomm Mdm8215 Firmware -
Qualcomm Mdm8215m Firmware -
Qualcomm Mdm8615m Firmware -
Qualcomm Mdm9150 Firmware -
Qualcomm Mdm9205 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9207 Firmware -
Qualcomm Mdm9215 Firmware -
Qualcomm Mdm9230 Firmware -
Qualcomm Mdm9250 Firmware -
1 Article
NA
CVE-2023-20194
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote malicious user to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affec...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »