This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Google First view 2015-08-08
Product Android Last view 2020-06-05
Version 5.1 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:google:android

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.5 2020-06-05 CVE-2020-13843

An issue was discovered on LG mobile devices with Android OS software before 2020-06-01. Local users can cause a denial of service because checking of the userdata partition is mishandled. The LG ID is LVE-SMP-200014 (June 2020).

9.8 2020-04-08 CVE-2018-21087

An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).

8.1 2020-04-08 CVE-2018-21086

An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant double free in vnswap_init_backing_storage. The Samsung ID is SVE-2017-11177 (February 2018).

8.1 2020-04-08 CVE-2018-21085

An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant use-after-free in vnswap_deinit_backing_storage. The Samsung ID is SVE-2017-11176 (February 2018).

8.1 2020-04-08 CVE-2018-21084

An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.x) software. There is a race condition with a resultant read-after-free issue in get_kek. The Samsung ID is SVE-2017-11174 (February 2018).

7.5 2020-04-08 CVE-2018-21079

An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018).

9.8 2020-04-08 CVE-2017-18644

An issue was discovered on Samsung mobile devices with L(5.1), M(6.x), and N(7.x) software. There is a muic_set_reg_sel heap-based buffer overflow during the reading of MUIC register values. The Samsung ID is SVE-2017-10011 (December 2017).

6.5 2020-04-07 CVE-2017-18695

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user's credentials, during an email account login, via an EAS autodiscover packet. The Samsung ID is SVE-2016-7654 (January 2017).

9.8 2020-04-07 CVE-2017-18693

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 2017).

9.8 2020-04-07 CVE-2017-18690

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).

7.5 2020-04-07 CVE-2017-18688

An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.0) software. There is an information disclosure (of memory locations outside a buffer) via /dev/dsm_ctrl_dev. The Samsung ID is SVE-2016-7340 (January 2017).

5.3 2020-04-07 CVE-2017-18687

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. An attacker can obtain the full pathnames of sdcard files by reading the system protected log upon reception of a certain intent. The Samsung ID is SVE-2016-7183 (January 2017).

7.5 2020-04-07 CVE-2017-18685

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 (February 2017).

9.8 2020-04-07 CVE-2017-18684

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows provider seizure via an application that uses a custom provider. The Samsung ID is SVE-2016-6942 (February 2017).

9.8 2020-04-07 CVE-2017-18683

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows Hare Hunting during application installation. The Samsung ID is SVE-2016-6942 (February 2017).

7.5 2020-04-07 CVE-2017-18682

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 (March 2017).

7.1 2020-04-07 CVE-2017-18680

An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (tablets) software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 (March 2017).

7.5 2020-04-07 CVE-2017-18678

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-8119 (April 2017).

5.5 2020-04-07 CVE-2017-18672

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framework.jar. The Samsung ID is SVE-2017-8390 (May 2017).

7.5 2020-04-07 CVE-2017-18671

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 (May 2017).

7.5 2020-04-07 CVE-2017-18670

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. android.intent.action.SIOP_LEVEL_CHANGED allows a serializable intent reboot. The Samsung ID is SVE-2017-8363 (May 2017).

4.3 2020-04-07 CVE-2017-18667

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can prevent users from learning that SMS storage space has been exhausted. The Samsung ID is SVE-2017-8702 (June 2017).

7.5 2020-04-07 CVE-2017-18666

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 (June 2017).

7.5 2020-04-07 CVE-2017-18664

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017).

5.3 2020-04-07 CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017).

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
31% (243) CWE-264 Permissions, Privileges, and Access Controls
17% (137) CWE-200 Information Exposure
14% (112) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (61) CWE-20 Improper Input Validation
4% (38) CWE-284 Access Control (Authorization) Issues
3% (27) CWE-189 Numeric Errors
2% (16) CWE-362 Race Condition
1% (15) CWE-190 Integer Overflow or Wraparound
1% (14) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
1% (9) CWE-755 Improper Handling of Exceptional Conditions
1% (8) CWE-787 Out-of-bounds Write
1% (8) CWE-416 Use After Free
1% (8) CWE-254 Security Features
0% (7) CWE-476 NULL Pointer Dereference
0% (7) CWE-19 Data Handling
0% (5) CWE-125 Out-of-bounds Read
0% (4) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (4) CWE-399 Resource Management Errors
0% (4) CWE-275 Permission Issues
0% (3) CWE-388 Error Handling
0% (3) CWE-129 Improper Validation of Array Index
0% (2) CWE-772 Missing Release of Resource after Effective Lifetime
0% (2) CWE-682 Incorrect Calculation
0% (2) CWE-522 Insufficiently Protected Credentials
0% (2) CWE-415 Double Free

Snort® IPS/IDS

Date Description
2019-12-24 Google Android libstagefright integer underflow attempt
RuleID : 52289 - Type : OS-MOBILE - Revision : 1
2019-12-24 Google Android libstagefright integer underflow attempt
RuleID : 52288 - Type : OS-MOBILE - Revision : 1
2019-12-10 Android Stagefright MP4 buffer overflow attempt
RuleID : 52101 - Type : OS-MOBILE - Revision : 1
2019-12-10 Android Stagefright MP4 buffer overflow attempt
RuleID : 52100 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51866 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51865 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51864 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51863 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51862 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51861 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51860 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51859 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51858 - Type : OS-MOBILE - Revision : 1
2019-11-15 Android Stagefright MP4 buffer overflow attempt
RuleID : 51857 - Type : OS-MOBILE - Revision : 1
2018-05-23 Linux Kernel Challenge ACK provocation attempt
RuleID : 40063-community - Type : OS-LINUX - Revision : 5
2016-10-11 Linux Kernel Challenge ACK provocation attempt
RuleID : 40063 - Type : OS-LINUX - Revision : 5
2016-03-14 Linux Kernel keyring object exploit download attempt
RuleID : 37438 - Type : OS-LINUX - Revision : 2
2016-03-14 Linux Kernel keyring object exploit download attempt
RuleID : 37437 - Type : OS-LINUX - Revision : 2
2016-03-14 Linux Kernel keyring object exploit download attempt
RuleID : 37436 - Type : OS-LINUX - Revision : 2
2016-03-14 Linux Kernel keyring object exploit download attempt
RuleID : 37435 - Type : OS-LINUX - Revision : 2
2015-09-03 Android Stagefright MP4 buffer overflow attempt
RuleID : 35435 - Type : OS-MOBILE - Revision : 5
2015-09-03 Android Stagefright MP4 buffer overflow attempt
RuleID : 35434 - Type : OS-MOBILE - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-27 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-1062.nasl - Type: ACT_GATHER_INFO
2018-02-28 Name: The version of Arista Networks EOS running on the remote device is affected b...
File: arista_eos_sa0020.nasl - Type: ACT_GATHER_INFO
2018-02-28 Name: The version of Arista Networks EOS running on the remote device is affected b...
File: arista_eos_sa0023.nasl - Type: ACT_GATHER_INFO
2017-12-14 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3659.nasl - Type: ACT_GATHER_INFO
2017-12-14 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0174.nasl - Type: ACT_GATHER_INFO
2017-12-11 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3657.nasl - Type: ACT_GATHER_INFO
2017-12-11 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3658.nasl - Type: ACT_GATHER_INFO
2017-12-11 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0173.nasl - Type: ACT_GATHER_INFO
2017-11-08 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0168.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3636.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3637.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2920-1.nasl - Type: ACT_GATHER_INFO
2017-10-03 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_13.nasl - Type: ACT_GATHER_INFO
2017-09-20 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2525-1.nasl - Type: ACT_GATHER_INFO
2017-09-19 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3422-1.nasl - Type: ACT_GATHER_INFO
2017-09-11 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2389-1.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2017-1161.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2017-1162.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1167.nasl - Type: ACT_GATHER_INFO
2017-09-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1168.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2017-876.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-1842.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-2299.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-3609.nasl - Type: ACT_GATHER_INFO
2017-08-25 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0145.nasl - Type: ACT_GATHER_INFO