Max CVSS 10.0 Min CVSS 4.6 Total Count26
IDCVSSSummaryLast (major) updatePublished
CVE-2015-9016 6.9
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android
05-04-2018 - 14:29 05-04-2018 - 14:29
CVE-2017-17767 7.2
In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer.
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-17765 7.2
In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to int
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-17764 7.2
In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calcu
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-15862 7.2
In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow v
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-15861 7.2
In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation.
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-15860 9.3
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur.
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-15829 6.9
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition.
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-15820 7.2
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a KGSL IOCTL handler, a Use After Free Condition can potentially occur.
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-15817 9.3
In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-14910 10.0
In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 MDM9607, MDM9650, S820A, S820Am, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 835, and SD 845, a buffer overread is pos
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-14884 7.2
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to lack of bounds checking on the variable "data_len" from the function WLANQCMBR_McProcessMsg, a buffer overflow may potentially occur in WLANFTM_McProcessMsg.
23-02-2018 - 18:29 23-02-2018 - 18:29
CVE-2017-13273 6.9
In xt_qtaguid.c, there is a race condition due to insufficient locking. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Andr
14-02-2018 - 21:29 14-02-2018 - 21:29
CVE-2017-13247 4.6
In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User interaction is not needed for exploitation. Product: A
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13238 4.7
In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13236 4.6
In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. Product: Andr
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13234 7.1
In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Produc
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13233 7.1
In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: A
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13232 7.8
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13231 7.2
In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Vers
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13230 9.3
In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13228 9.3
In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is need
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-6279 7.2
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: And
06-02-2018 - 08:29 06-02-2018 - 08:29
CVE-2017-6258 7.2
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: And
06-02-2018 - 08:29 06-02-2018 - 08:29
CVE-2017-15265 6.9
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clie
16-10-2017 - 14:29 16-10-2017 - 14:29
CVE-2017-11041 9.3
In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another.
21-09-2017 - 11:29 21-09-2017 - 11:29
Back to Top Mark selected
Back to Top