Mobile device vulnerabilities

Showing 2751 - 2800 of 4.2K CVEs

  1. CVE-2014-9972 Published Aug 18, 2017

    In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition.

  2. CVE-2014-9971 Published Aug 18, 2017

    In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.

  3. CVE-2014-9969 Published Aug 18, 2017

    In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm.

  4. CVE-2014-9968 Published Aug 18, 2017

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.

  5. CVE-2014-9411 Published Aug 18, 2017

    In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.

  6. CVE-2017-0687 Published Aug 18, 2017

    A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35583675.

  7. CVE-2017-8248 Published Aug 16, 2017

    A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.

  8. CVE-2017-8243 Published Aug 16, 2017

    A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file.

  9. CVE-2017-6421 Published Aug 16, 2017

    In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.

  10. CVE-2016-5867 Published Aug 16, 2017

    In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.

  11. CVE-2016-5864 Published Aug 16, 2017

    In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. In another function, a missing check for a lower bound may result in an out of bounds memory access.

  12. CVE-2016-5863 Published Aug 16, 2017

    In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.

  13. CVE-2016-5862 Published Aug 16, 2017

    When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.

  14. CVE-2016-5861 Published Aug 16, 2017

    In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.

  15. CVE-2016-5860 Published Aug 16, 2017

    In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.

  16. CVE-2016-5859 Published Aug 16, 2017

    In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.

  17. CVE-2016-5858 Published Aug 16, 2017

    In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.

  18. CVE-2016-5855 Published Aug 16, 2017

    In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough.

  19. CVE-2016-5854 Published Aug 16, 2017

    In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace.

  20. CVE-2016-5853 Published Aug 16, 2017

    In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value.

  21. CVE-2016-5347 Published Aug 16, 2017

    In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver.

  22. CVE-2017-8273 Published Aug 11, 2017

    In all Qualcomm products with Android release from CAF using the Linux kernel, while processing fastboot boot command when verified boot feature is disabled, with length greater than boot image buffer, a buffer overflow can occur.

  23. CVE-2017-8271 Published Aug 11, 2017

    Out of bound memory write can happen in the MDSS Rotator driver in all Qualcomm products with Android releases from CAF using the Linux kernel by an unsanitized userspace-controlled parameter.

  24. CVE-2017-8269 Published Aug 11, 2017

    Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory.

  25. CVE-2017-8264 Published Aug 11, 2017

    A userspace process can cause a Denial of Service in the camera driver in all Qualcomm products with Android releases from CAF using the Linux kernel.

  26. CVE-2017-8259 Published Aug 11, 2017

    In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the size of the buffer.

  27. CVE-2017-8258 Published Aug 11, 2017

    An array out-of-bounds access in all Qualcomm products with Android releases from CAF using the Linux kernel can potentially occur in a camera driver.

  28. CVE-2017-0750 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.

  29. CVE-2017-0749 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Upstream Linux linux kernel. Product: Android. Versions: Android kernel. Android ID: A-36007735.

  30. CVE-2017-0747 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Qualcomm proprietary component. Product: Android. Versions: Android kernel. Android ID: A-32524214. References: QC-CR#2044821.

  31. CVE-2017-0746 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Qualcomm ipa driver. Product: Android. Versions: Android kernel. Android ID: A-35467471. References: QC-CR#2029392.

  32. CVE-2017-0745 Published Aug 9, 2017

    A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296.

  33. CVE-2017-0742 Published Aug 9, 2017

    A elevation of privilege vulnerability in the MediaTek video driver. Product: Android. Versions: Android kernel. Android ID: A-36074857. References: M-ALPS03275524.

  34. CVE-2017-0741 Published Aug 9, 2017

    A elevation of privilege vulnerability in the MediaTek gpu driver. Product: Android. Versions: Android kernel. Android ID: A-32458601. References: M-ALPS03007523.

  35. CVE-2017-0740 Published Aug 9, 2017

    A remote code execution vulnerability in the Broadcom networking driver. Product: Android. Versions: Android kernel. Android ID: A-37168488. References: B-RB#116402.

  36. CVE-2017-0739 Published Aug 9, 2017

    A information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37712181.

  37. CVE-2017-0738 Published Aug 9, 2017

    A information disclosure vulnerability in the Android media framework (audioserver). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563371.

  38. CVE-2017-0737 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563942.

  39. CVE-2017-0736 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38487564.

  40. CVE-2017-0735 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864.

  41. CVE-2017-0734 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38014992.

  42. CVE-2017-0733 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38391487.

  43. CVE-2017-0732 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37504237.

  44. CVE-2017-0731 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36075363.

  45. CVE-2017-0730 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36279112.

  46. CVE-2017-0729 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37710346.

  47. CVE-2017-0728 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (hevc decoder). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37469795.

  48. CVE-2017-0727 Published Aug 9, 2017

    A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354.

  49. CVE-2017-0726 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36389123.

  50. CVE-2017-0725 Published Aug 9, 2017

    A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194.