Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Android
Total 7912 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-5327 2 Cmcm, Google 2 Armorfly Browser \& Downloader, Android 2024-11-21 5.0 MEDIUM 7.5 HIGH
Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.
CVE-2018-5326 2 Cmcm, Google 2 Cm Browser, Android 2024-11-21 5.0 MEDIUM 7.5 HIGH
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.
CVE-2018-5138 2 Google, Mozilla 2 Android, Firefox 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. Note: this issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 59.
CVE-2018-4926 4 Adobe, Apple, Google and 1 more 5 Digital Editions, Iphone Os, Mac Os X and 2 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Adobe Digital Editions versions 4.5.7 and below have an exploitable Stack Overflow vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-4925 4 Adobe, Apple, Google and 1 more 5 Digital Editions, Iphone Os, Mac Os X and 2 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Adobe Digital Editions versions 4.5.7 and below have an exploitable Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-3599 1 Google 1 Android 2024-11-21 7.5 HIGH 9.8 CRITICAL
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while notifying a DCI client, a Use After Free condition can occur.
CVE-2018-3598 1 Google 1 Android 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, insufficient validation of parameters from userspace in the camera driver can lead to information leak and out-of-bounds access.
CVE-2018-3597 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In the ADSP RPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, an arbitrary kernel write can occur.
CVE-2018-3596 1 Google 1 Android 2024-11-21 7.5 HIGH 9.8 CRITICAL
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, legacy code vulnerable after migration has been removed.
CVE-2018-3587 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In a firmware memory dump feature in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), a Use After Free condition can occur.
CVE-2018-3586 1 Google 1 Android 2024-11-21 10.0 HIGH 9.8 CRITICAL
An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
CVE-2018-3584 1 Google 1 Android 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnet_usb_ctrl_init().
CVE-2018-3582 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
Buffer overflow can occur due to improper input validation in multiple WMA event handler functions in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3581 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overwrite can occur if the vdev_id received from firmware is larger than max_bssid.
CVE-2018-3580 1 Google 1 Android 2024-11-21 9.3 HIGH 7.8 HIGH
Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3579 1 Google 1 Android 2024-11-21 2.1 LOW 5.5 MEDIUM
In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read
CVE-2018-3578 1 Google 1 Android 2024-11-21 9.3 HIGH 7.8 HIGH
Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3577 1 Google 1 Android 2024-11-21 5.0 MEDIUM 7.5 HIGH
While processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
CVE-2018-3576 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.8 HIGH
improper validation of array index in WiFi driver function sapInterferenceRssiCount() leads to array out-of-bounds access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE-2018-3574 1 Google 1 Android 2024-11-21 2.1 LOW 5.5 MEDIUM
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SECURE ion flag is not set and cause the kernel to attempt to perform cache maintenance on memory which does not belong to HLOS.