Total
7899 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9934 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | |||||
| CVE-2014-9933 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | |||||
| CVE-2014-9932 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | |||||
| CVE-2014-9931 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | |||||
| CVE-2014-9930 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||||
| CVE-2014-9929 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | |||||
| CVE-2014-9928 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||||
| CVE-2014-9927 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||||
| CVE-2014-9926 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||||
| CVE-2014-9925 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||||
| CVE-2014-9924 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | |||||
| CVE-2014-9923 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||||
| CVE-2014-9922 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | |||||
| CVE-2014-9914 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. | |||||
| CVE-2014-9910 | 1 Google | 1 Android | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31746399. References: B-RB#26710. | |||||
| CVE-2014-9909 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31676542. References: B-RB#26684. | |||||
| CVE-2014-9908 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558). | |||||
| CVE-2014-9902 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a crafted Information Element (IE) in an 802.11 management frame, aka Android internal bug 28668638 and Qualcomm internal bugs CR553937 and CR553941. | |||||
| CVE-2014-9901 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via crafted frames, aka Android internal bug 28670333 and Qualcomm internal bug CR548711. | |||||
| CVE-2014-9900 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754. | |||||