| Max CVSS | 9.4 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-14999 | 9.4 |
The Leagoo P1 device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.wtk.factory (versionCode=1, versionName=1.0) that contains a
|
24-08-2020 - 17:37 | 25-04-2019 - 20:29 | |
| CVE-2018-14992 | 2.1 |
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed platform app with a package name of com.asus.dm (versionCode=1510500200,
|
24-08-2020 - 17:37 | 28-12-2018 - 21:29 | |
| CVE-2018-14987 | 5.6 |
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, versionName=4.4.2-20170213) that dynamically registe
|
24-08-2020 - 17:37 | 28-12-2018 - 21:29 | |
| CVE-2018-15000 | 3.3 |
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot (versionCode=1, versionName=3.0.0). This app contains an exported se
|
03-10-2019 - 00:03 | 25-04-2019 - 20:29 | |
| CVE-2018-14998 | 7.2 |
The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a hidden root privilege escalation capability to achieve command execution as the root user. They have made
|
03-10-2019 - 00:03 | 28-12-2018 - 21:29 | |
| CVE-2018-14996 | 7.2 |
The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contains a pre-installed platform app with a package name of com.dropboxchmod (versionCode=1, versionName=1.0) that contains an expo
|
03-10-2019 - 00:03 | 25-04-2019 - 20:29 | |
| CVE-2018-14985 | 5.6 |
The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings (versionCode=23, versionName=6.0-a
|
03-10-2019 - 00:03 | 28-12-2018 - 21:29 | |
| CVE-2018-15005 | 5.6 |
The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.zte.zdm.sdm (versionCode=31, versionName=V5.0.3) that con
|
03-10-2019 - 00:03 | 28-12-2018 - 21:29 | |
| CVE-2018-15006 | 4.9 |
The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.android.zte.hiddenmenu (versionCode=23, versionName=6.0.1
|
03-10-2019 - 00:03 | 28-12-2018 - 21:29 | |
| CVE-2018-14997 | 2.1 |
The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains the android framework (i.e., system_server) with a package name of android that has been modified by Leagoo
|
03-10-2019 - 00:03 | 25-04-2019 - 20:29 | |
| CVE-2018-14993 | 7.2 |
The ASUS Zenfone V Live Android device with a build fingerprint of asus/VZW_ASUS_A009/ASUS_A009:7.1.1/NMF26F/14.0610.1802.78-20180313:user/release-keys and the Asus ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.
|
03-10-2019 - 00:03 | 25-04-2019 - 20:29 | |
| CVE-2018-15003 | 5.0 |
The Coolpad Defiant (Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys) and the T-Mobile Revvl Plus (Coolpad/alchemy/alchemy:7.1.1/143.14.171129.3701A-TMO/buildf_nj_02-206:user/release-keys) Android devices contain a pre-installed plat
|
02-05-2019 - 18:52 | 25-04-2019 - 20:29 | |
| CVE-2018-14994 | 9.4 |
The Essential Phone Android device with a build fingerprint of essential/mata/mata:8.1.0/OPM1.180104.166/297:user/release-keys contains a pre-installed platform app with a package name of com.ts.android.hiddenmenu (versionName=1.0, platformBuildVersi
|
02-05-2019 - 17:50 | 25-04-2019 - 20:29 | |
| CVE-2018-14991 | 7.5 |
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Rev
|
02-05-2019 - 17:28 | 25-04-2019 - 20:29 | |
| CVE-2018-14990 | 5.0 |
The Coolpad Defiant device with a build fingerprint of Coolpad/cp3632a/cp3632a:7.1.1/NMF26F/099480857:user/release-keys, the ZTE ZMAX Pro with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, and the T-Mobile Rev
|
02-05-2019 - 16:39 | 25-04-2019 - 20:29 | |
| CVE-2018-14989 | 9.4 |
The Plum Compass Android device with a build fingerprint of PLUM/c179_hwf_221/c179_hwf_221:6.0/MRA58K/W16.51.5-22:user/release-keys contains a pre-installed platform app with a package name of com.android.settings (versionCode=23, versionName=6.0-eng
|
02-05-2019 - 16:29 | 25-04-2019 - 20:29 | |
| CVE-2018-14979 | 1.9 |
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed app with a package name of com.asus.loguploader (versionCode=1570000275,
|
22-02-2019 - 20:31 | 28-12-2018 - 21:29 | |
| CVE-2018-14988 | 7.8 |
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, versionName=4.4.2-20170213) that contains an exporte
|
15-02-2019 - 19:24 | 28-12-2018 - 21:29 | |
| CVE-2018-15007 | 4.6 |
The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069_trx_l601_sky/x6069_trx_l601_sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package name of com.fw.upgrade.sysoper (versionCode=238, ver
|
14-02-2019 - 18:05 | 28-12-2018 - 21:29 | |
| CVE-2018-14986 | 5.0 |
The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging (versionCode=1000110, versionName=1.0.001,
|
14-02-2019 - 17:57 | 28-12-2018 - 21:29 | |
| CVE-2018-14984 | 5.0 |
The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging (versionCode=1000110, versionName=1.0.001,
|
14-02-2019 - 17:31 | 28-12-2018 - 21:29 | |
| CVE-2018-14995 | 1.9 |
The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V/20180120.095344:user/release-keys, the ZTE Blade Spark Android device with a build fingerprint of ZTE/Z971/peony:7.1.1/NMF26V/20171129.143111:user/release-ke
|
07-02-2019 - 17:36 | 28-12-2018 - 21:29 | |
| CVE-2018-15004 | 4.3 |
The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys contains a platform app with a package name of com.qualcomm.qti.modemtestmode (versionCode=24, versionName=7.0) that contains an expo
|
07-02-2019 - 17:34 | 28-12-2018 - 21:29 | |
| CVE-2018-15002 | 1.9 |
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app (versio
|
07-02-2019 - 17:25 | 28-12-2018 - 21:29 | |
| CVE-2018-15001 | 2.1 |
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest (versionCode=1, versionName=1.0) containing an exported activity app c
|
07-02-2019 - 17:19 | 28-12-2018 - 21:29 |