Total
3038 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9113 | 1 Qualcomm | 20 Mdm9625, Mdm9625 Firmware, Sd 425 and 17 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, untrusted pointer dereference in QSEE Syscall without proper validation can lead to access of blacklisted memory. | |||||
| CVE-2015-9111 | 1 Qualcomm | 18 Mdm9625, Mdm9625 Firmware, Sd 425 and 15 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur. | |||||
| CVE-2015-9109 | 1 Qualcomm | 18 Mdm9625, Mdm9625 Firmware, Sd 425 and 15 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation inqsee_fuse_write could lead to untrusted pointer dereference. | |||||
| CVE-2015-9100 | 1 Lame Project | 1 Lame | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. | |||||
| CVE-2015-9073 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | |||||
| CVE-2015-9072 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall. | |||||
| CVE-2015-9054 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding. | |||||
| CVE-2015-9043 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer. | |||||
| CVE-2015-9038 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end. | |||||
| CVE-2015-9027 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
| CVE-2015-9026 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||||
| CVE-2015-9020 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. | |||||
| CVE-2015-9000 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||||
| CVE-2015-8970 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c. | |||||
| CVE-2015-8956 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket. | |||||
| CVE-2015-8926 | 3 Canonical, Libarchive, Suse | 5 Ubuntu Linux, Libarchive, Linux Enterprise Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted rar archive. | |||||
| CVE-2015-8922 | 4 Canonical, Libarchive, Novell and 1 more | 6 Ubuntu Linux, Libarchive, Suse Linux Enterprise Desktop and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. | |||||
| CVE-2015-8917 | 3 Canonical, Debian, Libarchive | 3 Ubuntu Linux, Debian Linux, Libarchive | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file. | |||||
| CVE-2015-8916 | 3 Canonical, Debian, Libarchive | 3 Ubuntu Linux, Debian Linux, Libarchive | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted rar file. | |||||
| CVE-2015-8898 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file. | |||||