Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-7373
Android prior to 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for malicious users to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.
Google Android
Google Android 1.0
Google Android 1.1
Google Android 1.5
Google Android 1.6
Google Android 2.0
Google Android 2.0.1
Google Android 2.1
Google Android 2.2
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2.3
7.2
CVSSv2
CVE-2014-7911
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android prior to 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization, which allows malicious users to execute arbitrary...
Google Android
Google Android 1.0
Google Android 1.1
Google Android 1.5
Google Android 1.6
Google Android 2.0
Google Android 2.0.1
Google Android 2.1
Google Android 2.2
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2.3
6 Github repositories
3.3
CVSSv2
CVE-2014-8610
AndroidManifest.xml in Android prior to 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows malicious users to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from...
Google Android
Google Android 1.0
Google Android 1.1
Google Android 1.5
Google Android 1.6
Google Android 2.0
Google Android 2.0.1
Google Android 2.1
Google Android 2.2
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2.3
9.8
CVSSv3
CVE-2016-1155
HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 up to and including 6.0 allows remote malicious users to execute arbitrary scripts or set arbitrary values in cookies.
Google Android 2.2
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2.3
Google Android 2.3
Google Android 2.3.1
Google Android 2.3.2
Google Android 2.3.3
Google Android 2.3.4
Google Android 2.3.5
Google Android 2.3.6
Google Android 2.3.7
7.5
CVSSv2
CVE-2014-8507
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android prior to 5.0.0 allow remote malicious users to execute arbitrary SQL commands, and consequently launch ...
Google Android
Google Android 1.0
Google Android 1.1
Google Android 1.5
Google Android 1.6
Google Android 2.0
Google Android 2.0.1
Google Android 2.1
Google Android 2.2
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2.3
1 EDB exploit
8.8
CVSSv3
CVE-2017-0782
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.
Google Android 4.0
Google Android 4.0.1
Google Android 4.0.2
Google Android 4.0.3
Google Android 4.0.4
Google Android 4.1
Google Android 4.1.2
Google Android 4.2
Google Android 4.2.1
Google Android 4.2.2
Google Android 4.3
Google Android 4.3.1
1 Github repository
6.5
CVSSv3
CVE-2017-0783
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63145701.
Google Android 4.0
Google Android 4.0.1
Google Android 4.0.2
Google Android 4.0.3
Google Android 4.0.4
Google Android 4.1
Google Android 4.1.2
Google Android 4.2
Google Android 4.2.1
Google Android 4.2.2
Google Android 4.3
Google Android 4.3.1
1 Github repository
6.5
CVSSv3
CVE-2017-0785
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698.
Google Android 4.0
Google Android 4.0.1
Google Android 4.0.2
Google Android 4.0.3
Google Android 4.0.4
Google Android 4.1
Google Android 4.1.2
Google Android 4.2
Google Android 4.2.1
Google Android 4.2.2
Google Android 4.3
Google Android 4.3.1
16 Github repositories
7.8
CVSSv2
CVE-2011-3918
The Zygote process in Android 4.0.3 and previous versions accepts fork requests from processes with arbitrary UIDs, which allows remote malicious users to cause a denial of service (reboot loop) via a crafted application.
Google Android
Google Android 1.0
Google Android 1.1
Google Android 1.5
Google Android 1.6
Google Android 2.0
Google Android 2.0.1
Google Android 2.1
Google Android 2.2
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2.3
1 EDB exploit
7.8
CVSSv3
CVE-2017-0764
A remote code execution vulnerability in the Android media framework (libvorbis). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872015.
Google Android 4.0
Google Android 4.0.1
Google Android 4.0.2
Google Android 4.0.3
Google Android 4.0.4
Google Android 4.1
Google Android 4.1.2
Google Android 4.2
Google Android 4.2.1
Google Android 4.2.2
Google Android 4.3
Google Android 4.3.1
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-57084
CVE-2024-57672
boldgrid
CVE-2024-12602
insecure direct object reference
unknown
apache shardingsphere elasticjob-ui
CVE-2025-21298
CVE-2025-0411
local users
abb
stored XSS
CVE-2024-57086
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »