Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android api vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-11081
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can ho...
Google Android -
7.5
CVSSv3
CVE-2017-18679
An issue exists on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017).
Google Android 6.0
5.3
CVSSv3
CVE-2017-18658
An issue exists on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows malicious users to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017).
Google Android 6.0
5.7
CVSSv3
CVE-2020-24721
An issue exists in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. It allows a user to be put in a position where he or she can be coerced into proving or disproving an exposure notification, bec...
Apple Exposure Notifications
Google Exposure Notifications
NA
CVE-2013-6282
The (1) get_user and (2) put_user API functions in the Linux kernel prior to 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows malicious users to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exp...
Linux Linux Kernel
2 EDB exploits
8 Github repositories
7.8
CVSSv3
CVE-2022-20421
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...
Google Android -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
7.5
CVSSv3
CVE-2015-8269
The API on Fisher-Price Smart Toy Bear devices allows remote malicious users to obtain sensitive information or modify data by leveraging presence in an 802.11 network's coverage area and entering an account number.
Fisher-price Smart Toy Bear
7 Github repositories
7.5
CVSSv3
CVE-2023-25747
A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 110.1.0.
Mozilla Firefox
7.8
CVSSv3
CVE-2020-11292
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...
Qualcomm Apq8009 Firmware -
Qualcomm Apq8009w Firmware -
Qualcomm Apq8017 Firmware -
Qualcomm Apq8037 Firmware -
Qualcomm Apq8053 Firmware -
Qualcomm Apq8084 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Aqt1000 Firmware -
Qualcomm Ar6003 Firmware -
Qualcomm Csr6030 Firmware -
Qualcomm Csrb31024 Firmware -
Qualcomm Mdm8207 Firmware -
Qualcomm Mdm8215 Firmware -
Qualcomm Mdm8215m Firmware -
Qualcomm Mdm8615m Firmware -
Qualcomm Mdm9150 Firmware -
Qualcomm Mdm9205 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9207 Firmware -
Qualcomm Mdm9215 Firmware -
Qualcomm Mdm9230 Firmware -
Qualcomm Mdm9250 Firmware -
1 Article
4.9
CVSSv3
CVE-2023-20194
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote malicious user to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affec...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »