Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
android vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0608
Integer overflow in the showLog function in fake_log_device.c in liblog in Open Handset Alliance Android 1.0 allows attackers to trigger a buffer overflow and possibly have unspecified other impact by sending a large number of input lines....
Android
Android Sdk
NA
CVE-2009-0475
Integer underflow in the Huffman decoding functionality (pvmp3_huffman_parsing.cpp) in OpenCORE 2.0 and earlier allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a crafted MP3 file that triggers heap corruption....
Android
Opencore
NA
CVE-2014-1969
Directory traversal vulnerability in the apps4u@android SD Card Manager application before 20140224 for Android allows attackers to overwrite or create arbitrary files via a crafted filename....
Apps4u@android
Sd Card Manager
NA
CVE-2008-7298
The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict...
Android
Android Browser
Google
7.8
CVSSv3
CVE-2017-14898
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE contains fewer than 1 byte, a...
Google
Android
1 Github repository available
7.8
CVSSv3
CVE-2017-13182
In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User...
Google
Android
7
CVSSv3
CVE-2017-15856
Due to a race condition while processing the power stats debug file to read status, a double free condition can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05....
Google
Android
2 Github repositories available
7.8
CVSSv3
CVE-2017-15854
The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM,...
Google
Android
3 Github repositories available
5.5
CVSSv3
CVE-2017-0647
An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions:...
Google
Android
6.8
CVSSv3
CVE-2016-3876
providers/settings/SettingsProvider.java in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the SAFE_BOOT_DISALLOWED protection mechanism and boot to safe mode via the Android Debug Bridge (adb) tool, aka internal bug...
Google
Android
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-8142
CVE-2019-17230
compass-compile project
inject
CVE-2020-7619
XML injection
debian linux
linux
file upload
jscover project
CVE-2020-1728
CVE-2020-3947
CVE-2020-11107
1
2
3
4
5
NEXT »
Vulmon