Vulnerabilities > Google > Android > 4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-24 | CVE-2015-1525 | Improper Input Validation vulnerability in Google Android audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address. | 5.5 |
| 2020-01-23 | CVE-2013-6792 | Unspecified vulnerability in Google Android Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability | 9.8 |
| 2018-11-30 | CVE-2018-15835 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Android 1.0 through 9.0 has Insecure Permissions. | 7.5 |
| 2018-07-06 | CVE-2018-5907 | Integer Overflow or Wraparound vulnerability in Google Android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-07-06 | CVE-2018-11304 | Integer Overflow or Wraparound vulnerability in Google Android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-05-10 | CVE-2018-6254 | Out-of-bounds Read vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. | 3.3 |
| 2018-05-10 | CVE-2018-6246 | Information Exposure vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. | 5.3 |
| 2018-05-02 | CVE-2013-6272 | Improper Access Control vulnerability in Google Android The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application. | 7.8 |
| 2018-04-20 | CVE-2014-0900 | Improper Input Validation vulnerability in Google Android The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure. | 8.8 |
| 2017-12-28 | CVE-2015-7889 | Permission Issues vulnerability in Google Android The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | 5.5 |