Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android api vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-3698
An unspecified function in the Dalvik API in Android 1.5 and previous versions allows remote malicious users to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.
Google Android
9.3
CVSSv2
CVE-2015-6606
The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android prior to 5.1.1 LMY48T allows malicious users to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786.
Google Android
1 Github repository
NA
CVE-2023-21370
In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Google Android
7.2
CVSSv2
CVE-2018-6241
NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High Version...
Google Android -
7.2
CVSSv2
CVE-2018-11852
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write.
Google Android -
4.6
CVSSv2
CVE-2017-11081
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can ho...
Google Android -
7.8
CVSSv2
CVE-2017-18679
An issue exists on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017).
Google Android 6.0
5
CVSSv2
CVE-2017-18658
An issue exists on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows malicious users to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017).
Google Android 6.0
3.3
CVSSv2
CVE-2020-24721
An issue exists in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. It allows a user to be put in a position where he or she can be coerced into proving or disproving an exposure notification, bec...
Apple Exposure Notifications
Google Exposure Notifications
NA
CVE-2022-20421
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...
Google Android -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »