Max CVSS 8.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-9702 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a user-space pointer is directly accessed in a camera driver.
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-9696 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer over-read is possible in camera driver function msm_isp_stop_stats_stream. Variable stream_cfg_cmd->num_streams is from userspace,
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-8279 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read. Also access to freed memory can happen while
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-6274 7.5
An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of-bounds write in the kernel. This issue is rated as moderate. Product: Pixel. Version: N/A. Android
03-10-2019 - 00:03 14-11-2017 - 16:29
CVE-2017-11093 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID)
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11090 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space application sends PMKID of size less than WLAN_PMKID_LEN by
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11089 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with d
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11073 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qcacld pktlog allows mapping memory via /proc/ath_pktlog/cld to user space.
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11038 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the boot image header, range checks can be bypassed by supplying different versions of the header at the time of check an
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11035 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initia
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11026 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing FRP partition using reference FRP unlock, authentication method can be compromised for static keys.
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11023 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads.
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-11012 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST cfg80211 vendor command a stack-based buffer overflow can oc
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-0866 7.2
An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. Th
03-10-2019 - 00:03 16-11-2017 - 22:29
CVE-2017-0865 4.6
An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-65025090. References: M-ALPS02973195.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0864 4.6
An elevation of privilege vulnerability in the MediaTek ioctl (flashlight). Product: Android. Versions: Android kernel. Android ID: A-37277147. References: M-ALPS03394571.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0863 4.6
An elevation of privilege vulnerability in the Upstream kernel video driver. Product: Android. Versions: Android kernel. Android ID: A-37950620.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0862 7.2
An elevation of privilege vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-36006779.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0861 4.6
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0860 4.6
An elevation of privilege vulnerability in the Android system (inputdispatcher). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-31097064.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0859 7.8
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36075131.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0858 7.8
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64836894.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0857 7.8
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65122447.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0854 8.5
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63873837.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0853 8.5
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63121644.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0852 7.8
A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0847 7.5
An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product: Android. Versions: 8.0. Android ID: A-65540999.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0845 5.0
A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35028827.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-0838 7.2
An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-63522818.
03-10-2019 - 00:03 16-11-2017 - 23:29
CVE-2017-6275 5.0
An information disclosure vulnerability exists in the Thermal Driver, where a missing bounds checking in the thermal driver could allow a read from an arbitrary kernel address. This issue is rated as moderate. Product: Pixel. Versions: N/A. Android I
02-08-2019 - 22:15 14-11-2017 - 16:29
CVE-2017-11600 6.9
net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds
14-05-2019 - 23:29 24-07-2017 - 07:29
CVE-2017-3731 5.0
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can
23-04-2019 - 19:29 04-05-2017 - 19:29
CVE-2016-2105 5.0
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
21-02-2019 - 15:09 05-05-2016 - 01:59
CVE-2016-2106 5.0
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
19-07-2018 - 01:29 05-05-2016 - 01:59
CVE-2017-6001 7.6
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: thi
20-06-2018 - 01:29 18-02-2017 - 21:59
CVE-2017-0851 5.0
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-35430570.
07-12-2017 - 21:11 16-11-2017 - 23:29
CVE-2017-0850 5.0
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-64836941.
07-12-2017 - 21:11 16-11-2017 - 23:29
CVE-2017-0849 5.0
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62688399.
07-12-2017 - 21:11 16-11-2017 - 23:29
CVE-2017-0848 5.0
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64477217.
07-12-2017 - 21:11 16-11-2017 - 23:29
CVE-2017-9719 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer overflow can occur in HDMI CEC parsing if frame size is out of range.
01-12-2017 - 14:08 16-11-2017 - 22:29
CVE-2017-9701 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-v
01-12-2017 - 14:08 16-11-2017 - 22:29
CVE-2017-11091 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in the driver /dev/mdss_rotator, a Use-After-Free condition can potentially occur due to a fence being
30-11-2017 - 19:32 16-11-2017 - 22:29
CVE-2017-11085 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in msm_audio_effects_virtualizer_handler, file msm-audio-e
30-11-2017 - 19:28 16-11-2017 - 22:29
CVE-2017-11058 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.
30-11-2017 - 19:26 16-11-2017 - 22:29
CVE-2017-11032 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in the service-locator driver function service_locator
30-11-2017 - 19:23 16-11-2017 - 22:29
CVE-2017-11029 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided bu
30-11-2017 - 19:22 16-11-2017 - 22:29
CVE-2017-11027 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header size causing unintialized data access vulnerability.
30-11-2017 - 19:21 16-11-2017 - 22:29
CVE-2017-11025 4.4
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption can occur.
30-11-2017 - 19:16 16-11-2017 - 22:29
CVE-2017-11024 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmnet USB control driver can potentially lead to a Use After Free condition.
30-11-2017 - 19:15 16-11-2017 - 22:29
CVE-2017-11022 5.0
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall
30-11-2017 - 19:14 16-11-2017 - 22:29
CVE-2017-11018 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds may occur in the camera driver in the kernel
30-11-2017 - 19:13 16-11-2017 - 22:29
CVE-2017-9721 4.6
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image.
30-11-2017 - 19:05 16-11-2017 - 22:29
CVE-2017-8239 4.3
In all Android releases from CAF using the Linux kernel, userspace-controlled parameters for flash initialization are not sanitized potentially leading to exposure of kernel memory.
17-11-2017 - 02:29 13-06-2017 - 20:29
Back to Top Mark selected
Back to Top