Every CVE whose affected-product data names Google Android, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2015-8072 — CVSS 10.0 (critical): mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or…
CVE-2015-6601 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-6600 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-6599 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-7716 — CVSS 10.0 (critical): libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-6598 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-6575 — CVSS 10.0 (critical): SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote…
CVE-2015-6682 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521…
CVE-2015-6678 — CVSS 10.0 (critical): Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux…
CVE-2015-5588 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2014-7917 — CVSS 10.0 (critical): Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug…
CVE-2015-6677 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-5584 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521…
CVE-2015-5573 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-5570 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521…
CVE-2015-5568 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-5567 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2025-48611 — CVSS 10.0 (critical): In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation…
CVE-2015-3877 — CVSS 10.0 (critical): Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3875 — CVSS 10.0 (critical): libutils in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)…
CVE-2014-7916 — CVSS 10.0 (critical): Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug…
CVE-2015-3874 — CVSS 10.0 (critical): The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-6676 — CVSS 10.0 (critical): Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux…
CVE-2015-5581 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521…
CVE-2015-3873 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3872 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3871 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3870 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3869 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3868 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3867 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3864 — CVSS 10.0 (critical): Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1…
CVE-2015-3836 — CVSS 10.0 (critical): The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject…
CVE-2015-3834 — CVSS 10.0 (critical): Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I…
CVE-2015-5580 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-5578 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-5577 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-6610 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges or cause a denial of service…
CVE-2014-7915 — CVSS 10.0 (critical): Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug…
CVE-2015-5575 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-3832 — CVSS 10.0 (critical): Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute…
CVE-2015-3829 — CVSS 10.0 (critical): Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows…
CVE-2015-5582 — CVSS 10.0 (critical): Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before…
CVE-2015-3828 — CVSS 10.0 (critical): The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a…
CVE-2015-3824 — CVSS 10.0 (critical): The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict…
CVE-2015-6609 — CVSS 10.0 (critical): libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2015-3823 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-6608 — CVSS 10.0 (critical): mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a…
CVE-2015-6604 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3107 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before…
CVE-2026-0092: In Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead to local…
CVE-2015-8073 — CVSS 10.0 (critical): mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2015-3106 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before…
CVE-2015-3105 — CVSS 10.0 (critical): Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe…
CVE-2015-3104 — CVSS 10.0 (critical): Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before…
CVE-2015-6603 — CVSS 10.0 (critical): libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2015-3103 — CVSS 10.0 (critical): Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before…
CVE-2015-3100 — CVSS 10.0 (critical): Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before…
CVE-2015-1539 — CVSS 10.0 (critical): Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow…
CVE-2015-1538 — CVSS 10.0 (critical): Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I…
CVE-2015-1474 — CVSS 10.0 (critical): Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android…
CVE-2011-2344 — CVSS 10.0 (critical): Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from…
CVE-2015-9065 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access…
CVE-2020-0103 — CVSS 9.8 (critical): In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote…
CVE-2020-0086 — CVSS 9.8 (critical): In readCString of Parcel.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to arbitrary code…
CVE-2020-0073 — CVSS 9.8 (critical): In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2020-0072 — CVSS 9.8 (critical): In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2020-0071 — CVSS 9.8 (critical): In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could…
CVE-2020-0070 — CVSS 9.8 (critical): In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2015-9066 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT…
CVE-2019-9459 — CVSS 9.8 (critical): In libttspico, there is a possible OOB write due to a heap buffer overflow. This could lead to remote escalation of privilege with no…
CVE-2019-9365 — CVSS 9.8 (critical): In Bluetooth, there is a possible deserialization error due to missing string validation. This could lead to remote code execution with no…
CVE-2015-9067 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed.
CVE-2015-9068 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated.
CVE-2015-9069 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted.
CVE-2015-9070 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone…
CVE-2015-9071 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone…
CVE-2015-9072 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone…
CVE-2015-9073 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone…
CVE-2019-9301 — CVSS 9.8 (critical): In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no…
CVE-2024-32905 — CVSS 9.8 (critical): In circ_read of link_device_memory_legacy.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to…
CVE-2016-0705 — CVSS 9.8 (critical): Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g…
CVE-2024-29786 — CVSS 9.8 (critical): In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a possible out of bounds write due to a missing bounds check. This…
CVE-2016-0801 — CVSS 9.8 (critical): The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote…
CVE-2016-0803 — CVSS 9.8 (critical): libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to…
CVE-2016-0804 — CVSS 9.8 (critical): The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in…
CVE-2024-29756 — CVSS 9.8 (critical): In afe_callback of q6afe.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of…
CVE-2020-0455 — CVSS 9.8 (critical): There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514
CVE-2020-0452 — CVSS 9.8 (critical): In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code…
CVE-2020-0447 — CVSS 9.8 (critical): There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168251617
CVE-2015-9011 — CVSS 9.8 (critical): An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID…
CVE-2020-0446 — CVSS 9.8 (critical): There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264528
CVE-2020-0445 — CVSS 9.8 (critical): There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264527
CVE-2015-9012 — CVSS 9.8 (critical): An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID…
CVE-2015-9013 — CVSS 9.8 (critical): An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID…
CVE-2015-9014 — CVSS 9.8 (critical): An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID…
CVE-2026-0006 — CVSS 9.8 (critical): In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code…
CVE-2025-48626 — CVSS 9.8 (critical): In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could…
CVE-2014-9902 — CVSS 9.8 (critical): Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013)…
CVE-2020-0380 — CVSS 9.8 (critical): In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code…
CVE-2020-0354 — CVSS 9.8 (critical): In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no…
CVE-2020-0342 — CVSS 9.8 (critical): There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576
CVE-2020-0333 — CVSS 9.8 (critical): In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution…
CVE-2020-0278 — CVSS 9.8 (critical): There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574
CVE-2020-0253 — CVSS 9.8 (critical): There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152647365
CVE-2020-0252 — CVSS 9.8 (critical): There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803
CVE-2024-32913 — CVSS 9.8 (critical): In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote…
CVE-2024-32911 — CVSS 9.8 (critical): There is a possible escalation of privilege due to improperly used crypto. This could lead to remote escalation of privilege with no…
CVE-2015-9034 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to be null-terminated in SIP leading to a…
CVE-2015-9035 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer…
CVE-2015-9036 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer…
CVE-2015-9037 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a…
CVE-2015-9038 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end.
CVE-2015-9039 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in eMBMS where an assertion can be…
CVE-2020-0235 — CVSS 9.8 (critical): In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use that variable as the size parameter for…
CVE-2020-0232 — CVSS 9.8 (critical): Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it. A concurrent…
CVE-2020-0231 — CVSS 9.8 (critical): There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156333727
CVE-2015-9040 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API.
CVE-2015-9041 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when performing…
CVE-2015-9042 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when processing a…
CVE-2015-9043 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a…
CVE-2015-9044 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be…
CVE-2015-9045 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GERAN where a buffer can be…
CVE-2015-9046 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be…
CVE-2015-9047 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GNSS when performing a scan after…
CVE-2015-9048 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of lost RTP…
CVE-2020-0230 — CVSS 9.8 (critical): There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156337262
CVE-2020-0229 — CVSS 9.8 (critical): There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725
CVE-2020-0225 — CVSS 9.8 (critical): In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder.cc, there is a possible out of bounds write due to a missing bounds…
CVE-2020-0224 — CVSS 9.8 (critical): In FastKeyAccumulator::GetKeysSlow of keys.cc, there is a possible out of bounds write due to type confusion. This could lead to remote…
CVE-2020-0223 — CVSS 9.8 (critical): This is an unbounded write into kernel global memory, via a user-controlled buffer size.Product: AndroidVersions: Android kernelAndroid ID…
CVE-2020-0221 — CVSS 9.8 (critical): Airbrush FW's scratch memory allocator is susceptible to numeric overflow. When the overflow occurs, the next allocation could potentially…
CVE-2020-0217 — CVSS 9.8 (critical): In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code…
CVE-2015-9049 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of certain…
CVE-2020-0201 — CVSS 9.8 (critical): In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy. This could lead to remote…
CVE-2020-0138 — CVSS 9.8 (critical): In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote…
CVE-2015-9050 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access…
CVE-2020-0123 — CVSS 9.8 (critical): There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374
CVE-2020-0117 — CVSS 9.8 (critical): In aes_cmac of aes_cmac.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in…
CVE-2015-9051 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be…
CVE-2015-9052 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be…
CVE-2015-9053 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of…
CVE-2015-9054 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding.
CVE-2015-9055 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory…
CVE-2015-9060 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call.
CVE-2015-9061 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed to check a length potentially leading…
CVE-2015-9062 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists…
CVE-2015-9063 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure…
CVE-2015-9064 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network…
CVE-2019-2205 — CVSS 9.8 (critical): In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to…
CVE-2019-2204 — CVSS 9.8 (critical): In FindSharedFunctionInfo of objects.cc, there is a possible out of bounds read due to a mistake in AST traversal. This could lead to…
CVE-2019-2130 — CVSS 9.8 (critical): In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to…
CVE-2016-0815 — CVSS 9.8 (critical): The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before…
CVE-2019-2111 — CVSS 9.8 (critical): In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution…
CVE-2016-0816 — CVSS 9.8 (critical): mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2024-27228 — CVSS 9.8 (critical): there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional…
CVE-2019-2097 — CVSS 9.8 (critical): In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. This could lead to remote…
CVE-2016-0835 — CVSS 9.8 (critical): decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a…
CVE-2016-0837 — CVSS 9.8 (critical): MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before…
CVE-2016-0838 — CVSS 9.8 (critical): Sonivox in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a…
CVE-2016-0839 — CVSS 9.8 (critical): post_proc/volume_listener.c in mediaserver in Android 6.x before 2016-04-01 mishandles deleted effect context, which allows remote…
CVE-2016-0841 — CVSS 9.8 (critical): media/libmedia/mediametadataretriever.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x…
CVE-2016-10229 — CVSS 9.8 (critical): udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second…
CVE-2016-10230 — CVSS 9.8 (critical): A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927…
CVE-2014-9411 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially…
CVE-2016-10233 — CVSS 9.8 (critical): An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34389926…
CVE-2019-20782 — CVSS 9.8 (critical): An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer…
CVE-2019-20780 — CVSS 9.8 (critical): An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to…
CVE-2019-20778 — CVSS 9.8 (critical): An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Backup subsystem does not…
CVE-2019-20777 — CVSS 9.8 (critical): An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA…
CVE-2019-20772 — CVSS 9.8 (critical): An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. The Account subsystem allows…
CVE-2024-20148 — CVSS 9.8 (critical): In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent)…
CVE-2024-20103 — CVSS 9.8 (critical): In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with…
CVE-2024-20101 — CVSS 9.8 (critical): In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no…
CVE-2016-10298 — CVSS 9.8 (critical): An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID…
CVE-2016-10299 — CVSS 9.8 (critical): An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID…
CVE-2024-20100 — CVSS 9.8 (critical): In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no…
CVE-2024-20083 — CVSS 9.8 (critical): In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with…
CVE-2017-0807 — CVSS 9.8 (critical): An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0…
CVE-2024-20080 — CVSS 9.8 (critical): In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation…
CVE-2024-20078 — CVSS 9.8 (critical): In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System…
CVE-2017-0822 — CVSS 9.8 (critical): An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android…
CVE-2019-20622 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband stack…
CVE-2017-0824 — CVSS 9.8 (critical): An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847…
CVE-2019-20621 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband heap…
CVE-2017-0828 — CVSS 9.8 (critical): An elevation of privilege vulnerability in the Huawei bootloader. Product: Android. Versions: Android kernel. Android ID: A-34622855.
CVE-2017-0829 — CVSS 9.8 (critical): An elevation of privilege vulnerability in the Motorola bootloader. Product: Android. Versions: Android kernel. Android ID: A-62345044.
CVE-2016-10343 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in…
CVE-2016-10344 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially…
CVE-2016-10346 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.
CVE-2016-10347 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly…
CVE-2016-10380 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE…
CVE-2016-10381 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE…
CVE-2016-10382 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient.
CVE-2016-10384 — CVSS 9.8 (critical): In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver…
CVE-2019-20611 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) (Exynos chipsets) software. A baseband…
CVE-2017-0847 — CVSS 9.8 (critical): An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product: Android. Versions: 8.0. Android ID…
CVE-2019-20607 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890…
CVE-2019-20605 — CVSS 9.8 (critical): An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for…