| ID: CVE-2015-7889 |
Title: The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote... |
Type: Mobile Devices |
Bulletins:
CVE-2015-7889 SFBID77339 |
Severity: Medium |
| Description: The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | ||||
| Applies to: |
Created: 2017-12-27 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-3164 |
Title: cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder... |
Type: Mobile Devices |
Bulletins:
CVE-2014-3164 SFBID101506 |
Severity: Medium |
| Description: cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths. | ||||
| Applies to: |
Created: 2017-10-18 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-1526 |
Title: The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. |
Type: Mobile Devices |
Bulletins:
CVE-2015-1526 SFBID76666 |
Severity: High |
| Description: The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. | ||||
| Applies to: |
Created: 2017-09-27 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-1537 |
Title: Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. |
Type: Mobile Devices |
Bulletins:
CVE-2015-1537 SFBID76670 |
Severity: High |
| Description: Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. | ||||
| Applies to: |
Created: 2017-09-27 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-0997 |
Title: WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android... |
Type: Mobile Devices |
Bulletins:
CVE-2014-0997 SFBID72311 |
Severity: Medium |
| Description: WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame. | ||||
| Applies to: |
Created: 2017-09-25 |
Updated: 2025-10-08 |
||
| ID: CVE-2011-4667 |
Title: The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6),... |
Type: Hardware |
Bulletins:
CVE-2011-4667 |
Severity: Medium |
| Description: The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 12.2(33)SXI, and 12.2(33)SXJ when IP Security (aka IPSec) is used, allows remote attackers to obtain unencrypted packets from encrypted sessions. | ||||
| Applies to: |
Created: 2017-09-25 |
Updated: 2025-10-08 |
||
| ID: CVE-2010-3050 |
Title: Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot). |
Type: Hardware |
Bulletins:
CVE-2010-3050 |
Severity: Medium |
| Description: Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot). | ||||
| Applies to: |
Created: 2017-09-25 |
Updated: 2025-10-08 |
||
| ID: CVE-2010-3049 |
Title: Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot). |
Type: Hardware |
Bulletins:
CVE-2010-3049 |
Severity: Medium |
| Description: Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot). | ||||
| Applies to: |
Created: 2017-09-25 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-1527 |
Title: Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. |
Type: Mobile Devices |
Bulletins:
CVE-2015-1527 SFBID76665 |
Severity: Medium |
| Description: Integer overflow in IAudioPolicyService.cpp in Android allows local users to gain privileges via a crafted application, aka Android Bug ID 19261727. | ||||
| Applies to: |
Created: 2017-09-15 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-3839 |
Title: The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). |
Type: Mobile Devices |
Bulletins:
CVE-2015-3839 SFBID100158 |
Severity: Low |
| Description: The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). | ||||
| Applies to: |
Created: 2017-08-07 |
Updated: 2025-10-08 |
||
| ID: CVE-2012-5030 |
Title: Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects. |
Type: Hardware |
Bulletins:
CVE-2012-5030 |
Severity: Medium |
| Description: Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects. | ||||
| Applies to: |
Created: 2017-08-02 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-7953 |
Title: Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target... |
Type: Mobile Devices |
Bulletins:
CVE-2014-7953 SFBID74213 |
Severity: Medium |
| Description: Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000. | ||||
| Applies to: |
Created: 2017-07-07 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-7954 |
Title: Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files... |
Type: Mobile Devices |
Bulletins:
CVE-2014-7954 SFBID74210 |
Severity: Low |
| Description: Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. (dot dot) in a name parameter of an MTP request. | ||||
| Applies to: |
Created: 2017-07-07 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-3840 |
Title: The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission. |
Type: Mobile Devices |
Bulletins:
CVE-2015-3840 |
Severity: Low |
| Description: The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission. | ||||
| Applies to: |
Created: 2017-06-27 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-7919 |
Title: b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash). |
Type: Mobile Devices |
Bulletins:
CVE-2014-7919 SFBID99014 |
Severity: Medium |
| Description: b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash). | ||||
| Applies to: |
Created: 2017-06-08 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-3830 |
Title: The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names. |
Type: Mobile Devices |
Bulletins:
CVE-2015-3830 |
Severity: Medium |
| Description: The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9929 |
Title: In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9929 SFBID98235 |
Severity: High |
| Description: In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9930 |
Title: In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9930 SFBID98323 |
Severity: High |
| Description: In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9927 |
Title: In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9927 |
Severity: High |
| Description: In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9949 |
Title: In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9949 SFBID98250 |
Severity: High |
| Description: In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-9005 |
Title: In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2015-9005 SFBID98322 |
Severity: High |
| Description: In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9947 |
Title: In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9947 SFBID98248 |
Severity: Medium |
| Description: In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9951 |
Title: In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9951 SFBID98252 |
Severity: Medium |
| Description: In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9948 |
Title: In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9948 SFBID98249 |
Severity: High |
| Description: In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9945 |
Title: In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9945 SFBID98246 |
Severity: High |
| Description: In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-9007 |
Title: In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2015-9007 SFBID98324 |
Severity: High |
| Description: In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9944 |
Title: In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9944 SFBID98245 |
Severity: High |
| Description: In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9952 |
Title: In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9952 SFBID98253 |
Severity: High |
| Description: In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9941 |
Title: In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9941 SFBID98242 |
Severity: High |
| Description: In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-9006 |
Title: In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2015-9006 SFBID98321 |
Severity: High |
| Description: In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9923 |
Title: In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9923 SFBID98225 |
Severity: High |
| Description: In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9925 |
Title: In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9925 SFBID98227 |
Severity: High |
| Description: In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9926 |
Title: In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9926 SFBID98228 |
Severity: High |
| Description: In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9928 |
Title: In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9928 SFBID98233 |
Severity: High |
| Description: In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9950 |
Title: In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9950 SFBID98251 |
Severity: High |
| Description: In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9946 |
Title: In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9946 SFBID98247 |
Severity: High |
| Description: In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9943 |
Title: In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9943 SFBID98244 |
Severity: High |
| Description: In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9942 |
Title: In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9942 SFBID98243 |
Severity: High |
| Description: In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9924 |
Title: In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9924 SFBID98226 |
Severity: High |
| Description: In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | ||||
| Applies to: |
Created: 2017-06-06 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9932 |
Title: In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9932 SFBID97329 |
Severity: High |
| Description: In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | ||||
| Applies to: |
Created: 2017-05-16 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9933 |
Title: Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9933 SFBID97329 |
Severity: High |
| Description: Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | ||||
| Applies to: |
Created: 2017-05-16 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9934 |
Title: A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9934 SFBID97329 |
Severity: High |
| Description: A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | ||||
| Applies to: |
Created: 2017-05-16 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9931 |
Title: A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9931 SFBID97329 |
Severity: High |
| Description: A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | ||||
| Applies to: |
Created: 2017-05-16 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9940 |
Title: The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9940 SFBID98195 |
Severity: High |
| Description: The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. | ||||
| Applies to: |
Created: 2017-05-02 |
Updated: 2025-10-08 |
||
| ID: CVE-2015-9004 |
Title: kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions. |
Type: Mobile Devices |
Bulletins:
CVE-2015-9004 SFBID98166 |
Severity: High |
| Description: kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions. | ||||
| Applies to: |
Created: 2017-05-02 |
Updated: 2025-10-08 |
||
| ID: CVE-2010-1776 |
Title: Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod touch (2nd generation) and later, when Find My iPhone is disabled, allows remote authenticated users with an associated MobileMe... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1776 |
Severity: Medium |
| Description: Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod touch (2nd generation) and later, when Find My iPhone is disabled, allows remote authenticated users with an associated MobileMe account to wipe the device. | ||||
| Applies to: |
Created: 2017-04-24 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-7921 |
Title: mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. |
Type: Mobile Devices |
Bulletins:
CVE-2014-7921 |
Severity: High |
| Description: mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. | ||||
| Applies to: |
Created: 2017-04-13 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-7920 |
Title: mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. |
Type: Mobile Devices |
Bulletins:
CVE-2014-7920 |
Severity: High |
| Description: mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. | ||||
| Applies to: |
Created: 2017-04-13 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9922 |
Title: The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. |
Type: Mobile Devices |
Bulletins:
CVE-2014-9922 SFBID97354 |
Severity: High |
| Description: The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | ||||
| Applies to: |
Created: 2017-04-04 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9914 |
Title: Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations... |
Type: Mobile Devices |
Bulletins:
CVE-2014-9914 SFBID96100 |
Severity: High |
| Description: Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. | ||||
| Applies to: |
Created: 2017-02-07 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9909 |
Title: An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires... |
Type: Mobile Devices |
Bulletins:
CVE-2014-9909 SFBID94685 |
Severity: High |
| Description: An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31676542. References: B-RB#26684. | ||||
| Applies to: |
Created: 2017-01-18 |
Updated: 2025-10-08 |
||
| ID: CVE-2014-9910 |
Title: An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires... |
Type: Mobile Devices |
Bulletins:
CVE-2014-9910 SFBID94685 |
Severity: High |
| Description: An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31746399. References: B-RB#26710. | ||||
| Applies to: |
Created: 2017-01-18 |
Updated: 2025-10-08 |
||
