AndroidVulnerabilities.org

Back to all vulnerabilities

Acer

Acer is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

mempodroid - mempodripper - mem exploit

(json)

• CVE numbers: CVE-2012-0056 [mempodroid-cve-mitre]
• Coordinated disclosure?: false
• Categories: kernel
• Details: The mem_write function in the Linux kernel does not properly check permissions, allowing a user to gain privileges [mempodroid-cve-mitre]
• Discovered by: Jay Freeman (saurik) [xda-forum-mempodroid] on: 2012-01-24 [xda-forum-mempodroid]
• Reported on: 2012-01-24 [xda-forum-mempodroid]
• Fixed on: 2012-01-17 [citation-needed]
• Fix released on: Unknown
• Affected versions: 4.0.1-4.0.3 [citation-needed] regex: 4.0.[1-3]
• Affected devices: Acer A200 Tablet, Galaxy Nexus, Motorola RAZR, Nexus S, Asus Transformer Prime [android-paper]
• Affected manufacturers: Acer [android-paper], Samsung [android-paper], Motorola [android-paper], Asus [android-paper]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-03

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Asus

Asus is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Asus has a FUM score of 2.61.

NachoRoot

(json)

• CVE numbers:
• Coordinated disclosure?: false
• Categories: permissions
• Details: On ASUS Transformer Pime /data/sensors/AMI304_Config.ini is set world writable on boot and so a /data/local.prop symlink attack can be mounted [gh-cunninglogic-nachoroot-sh][archived]
• Discovered by: Justin Case (jcase) [gh-cunninglogic-nachoroot-sh][archived] on: 2012-01-03 [gh-cunninglogic-nachoroot]
• Reported on: 2012-01-03 [xda-nachoroot]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices: ASUS Transformer Prime [gh-cunninglogic-nachoroot]
• Affected manufacturers: Asus [gh-cunninglogic-nachoroot]
• Fixed versions:
• Submission: by: Daniel R. Thomas, on: 2014-07-21; by: Thomas Coudray, on: 2014-03-07

mempodroid - mempodripper - mem exploit

(json)

• CVE numbers: CVE-2012-0056 [mempodroid-cve-mitre]
• Coordinated disclosure?: false
• Categories: kernel
• Details: The mem_write function in the Linux kernel does not properly check permissions, allowing a user to gain privileges [mempodroid-cve-mitre]
• Discovered by: Jay Freeman (saurik) [xda-forum-mempodroid] on: 2012-01-24 [xda-forum-mempodroid]
• Reported on: 2012-01-24 [xda-forum-mempodroid]
• Fixed on: 2012-01-17 [citation-needed]
• Fix released on: Unknown
• Affected versions: 4.0.1-4.0.3 [citation-needed] regex: 4.0.[1-3]
• Affected devices: Acer A200 Tablet, Galaxy Nexus, Motorola RAZR, Nexus S, Asus Transformer Prime [android-paper]
• Affected manufacturers: Acer [android-paper], Samsung [android-paper], Motorola [android-paper], Asus [android-paper]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-03

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Broadcom

Broadcom is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

• CVE-2016-0801
• CVE-2016-0802
• CVE-2017-0430
• CVE-2017-0509
• CVE-2017-0561
• CVE-2017-9417
• CVE-2017-11120
• CVE-2017-11121
• CVE-2017-7065
• CVE-2017-13292
• CVE-2019-11516

Coolpad

Coolpad is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Fujitsu

Fujitsu is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

libperf_event

(json)

• CVE numbers: CVE-2013-2094 [cve-mitre-libperf-event]
• Coordinated disclosure?: false
• Categories: kernel
• Details: The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. [cve-mitre-libperf-event]
• Discovered by: Hiroyuki Ikezoe [android-paper] on: Unknown
• Reported on: Unknown
• Fixed on: 2013-04-25 [linux-3-8-9-launchpad]
• Fix released on: Unknown
• Affected versions: 4.0 to 4.3.1 [android-paper] regex: (4.[0-2].[0-9])|(4.3.[0-1])
• Affected devices: Nexus 4, and some Japanese models from HTC, Fujitsu, Sharp, Sony and LG models [android-paper]
• Affected manufacturers: HTC [android-paper], Fujitsu [android-paper], Sharp [android-paper], Sony [android-paper], LG [android-paper]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-08

Gionee

Gionee is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

HTC

HTC is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

HTC has a FUM score of 2.6.

• Zysploit
• TacoRoot
• Diaggetroot
• libperf_event
• WeakSauce
• Full TrustZone
• PingPongRoot
• CVE-2017-0563

Hisense

Hisense is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Huawei

Huawei is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Mate7 TrustZone Exploit

(json)

• CVE numbers: CVE-2015-4421 [mate7-advisory][archived], CVE-2015-4422 [mate7-advisory][archived]
• Coordinated disclosure?: unknown
• Categories: system
• Details: The tzdriver and TEEOS modules of the Huawei Mate 7 have vulnerabilities which may allow malicious apps to perform denial of service attacks, or gain privileges, by gaining access to the TEE [mate7-advisory][archived]
• Discovered by: Di Shen (returnsme) [mate7-advisory][archived] on: Unknown
• Reported on: 2015-05-20 [mate7-advisory][archived]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices: Huawei Mate 7 [mate7-advisory][archived]
• Affected manufacturers: Huawei [mate7-advisory][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-08

IUNI

IUNI is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

InFocus

InFocus is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

LG

LG is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

LG has a FUM score of 4.53.

• LG Lit
• libperf_event
• LG Sprite backup
• StumpRoot
• Full TrustZone
• Sensord local root
• CVE-2018-9364

Lenovo

Lenovo is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

MediaTek

MediaTek is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

• CVE-2016-0820
• CVE-2016-3767
• CVE-2016-3770
• CVE-2016-3771
• CVE-2016-3772
• CVE-2016-3773
• CVE-2016-3774
• CVE-2016-3928
• CVE-2016-8433
• CVE-2017-0500
• CVE-2017-0501
• CVE-2017-0502
• CVE-2017-0503
• CVE-2017-0504
• CVE-2017-0505
• CVE-2017-0506
• CVE-2016-10274
• CVE-2018-9373

Motorola

Motorola is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Motorola has a FUM score of 3.34.

• Volez
• mempodroid - mempodripper - mem exploit
• Motochopper
• Defy republic init_runit
• TwerkMyMoto

NVIDIA

NVIDIA is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

• CVE-2016-2434
• CVE-2016-2435
• CVE-2016-2436
• CVE-2016-2437
• CVE-2016-3769
• CVE-2016-6730
• CVE-2016-6731
• CVE-2016-6732
• CVE-2016-6733
• CVE-2016-6734
• CVE-2016-6735
• CVE-2016-6736
• CVE-2016-6775
• CVE-2016-6776
• CVE-2016-6777
• CVE-2016-6915
• CVE-2016-6916
• CVE-2016-6917
• CVE-2016-8424
• CVE-2016-8425
• CVE-2016-8426
• CVE-2016-8427
• CVE-2016-8428
• CVE-2016-8429
• CVE-2016-8430
• CVE-2016-8431
• CVE-2016-8432
• CVE-2016-8435
• CVE-2016-8482
• CVE-2017-0428
• CVE-2017-0429
• CVE-2017-0306
• CVE-2017-0333
• CVE-2017-0335
• CVE-2017-0337
• CVE-2017-0338
• CVE-2017-0331
• CVE-2017-6289
• CVE-2018-6271

OnePlus

OnePlus is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Oppo

Oppo is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Other devices using the sensord daemon

Other devices using the sensord daemon is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Sensord local root

(json)

• CVE numbers:
• Coordinated disclosure?: false
• Categories: system
• Details: A vulnerability exploiting the sensord daemon, which runs as root on some devices [sensord-exploit-db]
• Discovered by: s0m3b0dy [sensord-exploit-db] on: Unknown
• Reported on: 2016-01-27 [sensord-exploit-db]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices: LG L7 and others [sensord-exploit-db]
• Affected manufacturers: LG [sensord-exploit-db], Other devices using the sensord daemon [sensord-exploit-db]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Pantech

Pantech is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Qualcomm

Qualcomm is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

• Qualcomm Integer oveflow diagnostics
• Qualcomm missing checks put_user get_user
• Qualcomm Gandalf camera driver
• Motochopper
• Qualcomm acdb audio buffer overflow
• Qualcomm Integer overflow camera
• Qualcomm stack buffer overflow camera
• Qualcomm Goodix driver procfs
• Qualcomm out of bounds camera
• Qualcomm chown init scripts
• CVE-2014-9902
• CVE-2014-9863
• CVE-2014-9794
• CVE-2014-9795
• QSEECOM driver
• CVE-2016-8434
• CVE-2017-0604
• Use-After-Free camera driver exploit
• CVE-2015-8892
• QSEE privilege escalation
• Qualcomm TrustZone
• CVE-2016-0844
• CVE-2016-0805
• CVE-2016-0806
• CVE-2016-0819
• CVE-2016-2067
• CVE-2016-8422
• CVE-2016-0843
• CVE-2015-0569
• CVE-2015-0570
• CVE-2016-2431
• CVE-2016-2432
• CVE-2016-8423
• CVE-2016-8436
• CVE-2016-2062
• CVE-2016-2465
• CVE-2016-2466
• CVE-2016-2467
• CVE-2016-2468
• CVE-2016-2474
• CVE-2016-2503
• CVE-2016-3768
• CVE-2016-10275
• CVE-2016-2504
• CVE-2016-3842
• CVE-2016-6725
• CVE-2016-3706
• CVE-2016-4429
• CVE-2016-3926
• CVE-2016-3927
• CVE-2016-8418
• CVE-2016-6727
• CVE-2016-6729
• CVE-2016-10230
• CVE-2016-8411
• CVE-2016-10276
• CVE-2016-8438
• CVE-2016-8442
• CVE-2016-8443
• CVE-2017-7371
• CVE-2017-0431
• CVE-2016-8479
• CVE-2016-8484
• CVE-2016-8485
• CVE-2016-8486
• CVE-2016-8487
• CVE-2016-8488
• CVE-2014-9931
• CVE-2014-9932
• CVE-2014-9933
• CVE-2014-9934
• CVE-2014-9935
• CVE-2014-9936
• CVE-2014-9937
• CVE-2015-8995
• CVE-2015-8996
• CVE-2015-8997
• CVE-2015-8998
• CVE-2015-8999
• CVE-2015-9000
• CVE-2015-9001
• CVE-2015-9002
• CVE-2015-9003
• CVE-2016-10237
• CVE-2016-10238
• CVE-2016-10242
• CVE-2014-9923
• CVE-2014-9924
• CVE-2014-9925
• CVE-2014-9926
• CVE-2014-9927
• CVE-2014-9928
• CVE-2014-9929
• CVE-2014-9930
• CVE-2015-9005
• CVE-2015-9006
• CVE-2015-9007
• CVE-2016-10240
• CVE-2016-10241
• CVE-2016-10297
• CVE-2017-9714
• CVE-2014-9953
• CVE-2014-9960
• CVE-2014-9961
• CVE-2014-9967
• CVE-2015-9008
• CVE-2015-9009
• CVE-2015-9010
• CVE-2015-9011
• CVE-2015-9012
• CVE-2015-9013
• CVE-2015-9014
• CVE-2015-9015
• CVE-2015-9024
• CVE-2015-9026
• CVE-2015-9027
• CVE-2015-9029
• CVE-2016-10298
• CVE-2016-10299
• CVE-2016-10333
• CVE-2016-10334
• CVE-2016-10335
• CVE-2016-10336
• CVE-2016-10338
• CVE-2016-10339
• CVE-2016-10340
• CVE-2016-10341
• CVE-2017-11013
• CVE-2017-11014
• CVE-2017-11015
• CVE-2017-11043
• CVE-2017-18067
• CVE-2017-15860
• CVE-2017-15815
• CVE-2017-11041
• CVE-2017-11053
• CVE-2017-15822
• CVE-2018-3565
• CVE-2018-3580
• CVE-2017-6211
• CVE-2018-3569
• CVE-2017-14911
• CVE-2018-5854
• CVE-2018-5872
• CVE-2017-17773
• CVE-2014-9996
• CVE-2017-18071
• CVE-2017-18128
• CVE-2017-18146
• CVE-2017-8274
• CVE-2018-3591
• CVE-2018-3592
• CVE-2018-11262
• CVE-2017-18155
• CVE-2018-11940
• CVE-2016-2108
• CVE-2017-18171
• CVE-2018-11257
• CVE-2018-11259
• CVE-2018-5874
• CVE-2018-5875
• CVE-2018-5876
• CVE-2019-2269
• CVE-2018-11817
• CVE-2017-18296
• CVE-2017-18305
• CVE-2017-18310
• CVE-2016-10394
• CVE-2017-18311
• CVE-2017-18314
• CVE-2018-11824
• CVE-2018-11950
• CVE-2018-5866
• CVE-2017-18317
• CVE-2018-11264
• CVE-2017-11004
• CVE-2017-18141
• CVE-2017-8248
• CVE-2018-11279
• CVE-2018-5913
• CVE-2018-11847
• CVE-2019-2287
• CVE-2019-2330
• CVE-2018-11289
• CVE-2018-11820
• CVE-2018-11938
• CVE-2018-11945
• CVE-2019-2308
• CVE-2017-8252
• CVE-2018-11958
• CVE-2019-10492
• CVE-2018-11271
• CVE-2018-11976
• CVE-2018-12004
• CVE-2018-13886
• CVE-2018-13887
• CVE-2019-2250
• CVE-2018-13898
• CVE-2018-5912
• CVE-2019-2255
• CVE-2019-2256
• CVE-2018-13924
• CVE-2018-13927
• CVE-2019-2254
• CVE-2019-2322
• CVE-2019-2327
• CVE-2019-10539
• CVE-2019-10540

Samsung

Samsung is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Samsung has a FUM score of 2.81.

• mempodroid - mempodripper - mem exploit
• Samsung GPU DMA
• camera-isp - camera-sysr - Vcodec
• exynosroot
• Full TrustZone
• PingPongRoot
• Samsung WifiHs20UtilityService

Sharp

Sharp is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

libperf_event

(json)

• CVE numbers: CVE-2013-2094 [cve-mitre-libperf-event]
• Coordinated disclosure?: false
• Categories: kernel
• Details: The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. [cve-mitre-libperf-event]
• Discovered by: Hiroyuki Ikezoe [android-paper] on: Unknown
• Reported on: Unknown
• Fixed on: 2013-04-25 [linux-3-8-9-launchpad]
• Fix released on: Unknown
• Affected versions: 4.0 to 4.3.1 [android-paper] regex: (4.[0-2].[0-9])|(4.3.[0-1])
• Affected devices: Nexus 4, and some Japanese models from HTC, Fujitsu, Sharp, Sony and LG models [android-paper]
• Affected manufacturers: HTC [android-paper], Fujitsu [android-paper], Sharp [android-paper], Sony [android-paper], LG [android-paper]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-08

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Sony

Sony is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Sony has a FUM score of 2.78.

libperf_event

(json)

• CVE numbers: CVE-2013-2094 [cve-mitre-libperf-event]
• Coordinated disclosure?: false
• Categories: kernel
• Details: The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. [cve-mitre-libperf-event]
• Discovered by: Hiroyuki Ikezoe [android-paper] on: Unknown
• Reported on: Unknown
• Fixed on: 2013-04-25 [linux-3-8-9-launchpad]
• Fix released on: Unknown
• Affected versions: 4.0 to 4.3.1 [android-paper] regex: (4.[0-2].[0-9])|(4.3.[0-1])
• Affected devices: Nexus 4, and some Japanese models from HTC, Fujitsu, Sharp, Sony and LG models [android-paper]
• Affected manufacturers: HTC [android-paper], Fujitsu [android-paper], Sharp [android-paper], Sony [android-paper], LG [android-paper]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-08

Z2 root exploit

(json)

• CVE numbers:
• Coordinated disclosure?: false
• Categories: system
• Details: A system vulnerability enables users to obtain root access to some Sony devices via the shell [xda-developers-z2root]
• Discovered by: Sacha (xsacha), cubundcube and Andreas Makris (bin4ry) [android-paper] on: Unknown
• Reported on: 2014-06-12 [xda-developers-z2root]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices: Z2 phones and tablets [xda-developers-z2root]
• Affected manufacturers: Sony [xda-developers-z2root]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-08

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Vivo

Vivo is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

Xiaomi

Xiaomi is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

ZTE

ZTE is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

Full TrustZone

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: kernel, system
• Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
• Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
• Reported on: 2014-09-19 [msm8974-pt3][archived]
• Fixed on: 2014-10-01 [msm8974-pt3][archived]
• Fix released on: Unknown
• Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
• Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
• Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-09

all

• sock_sendpage
• WebKit Use-After-Free
• KillingInTheNameOf psneuter ashmem
• exploid udev
• RageAgainstTheCage adb
• RageAgainstTheCage zygote
• Use-After-Free Remote
• Android Browser Exploit WebKit
• levitator
• Gingerbreak
• Browser Cross-App Scripting
• zergRush
• JavaScript to Java
• APK duplicate file
• APK unchecked name
• APK unsigned shorts
• keystore buffer
• vold asec
• Fake ID
• pty race
• TowelRoot
• CVE-2014-9914
• ObjectInputStream deserializable
• CVE-2015-6640
• prctl_set_vma_anon_name
• CVE-2014-6060
• Mediaserver code execution
• dhcpd buffer overrun
• CVE-2014-9322
• CVE-2014-9529
• pipe inatomic
• CVE-2014-9028
• CVE-2015-2686
• CVE-2015-3832
• CVE-2015-1538
• CVE-2015-1539
• Stagefright
• CVE-2015-3877
• CVE-2015-3636
• CVE-2015-3824
• CVE-2015-3827
• CVE-2015-3828
• CVE-2015-3829
• CVE-2015-3867
• CVE-2015-5706
• CVE-2015-3836
• One class to rule them all
• CVE-2015-6601
• CVE-2015-3870
• CVE-2015-3288
• CVE-2015-3823
• CVE-2015-3871
• CVE-2015-6600
• CVE-2015-3869
• CVE-2015-6617
• CVE-2015-3864
• CVE-2015-6604
• CVE-2015-6603
• CVE-2015-3876
• Stagefright2
• CVE-2015-3868
• CVE-2015-3873
• CVE-2015-3875
• CVE-2015-6598
• CVE-2015-3872
• CVE-2015-6602
• CVE-2015-3874
• CVE-2015-6599
• CVE-2015-6609
• CVE-2015-6608
• Metaphor
• CVE-2015-6619
• CVE-2015-6616
• CVE-2015-6634
• CVE-2015-8961
• CVE-2016-0804
• CVE-2016-0807
• CVE-2015-6636
• CVE-2015-8962
• CVE-2013-7446
• CVE-2016-0803
• CVE-2016-0836
• CVE-2016-3841
• CVE-2015-6633
• CVE-2016-0839
• CVE-2016-0842
• CVE-2017-0470
• CVE-2016-0818
• CVE-2015-8966
• CVE-2016-10229
• CVE-2016-0835
• CVE-2015-6637
• CVE-2015-6638
• CVE-2015-6639
• CVE-2015-6647
• CVE-2016-0816
• CVE-2016-2464
• CVE-2016-0815
• CVE-2016-0838
• CVE-2016-1621
• CVE-2016-7913
• CVE-2016-1503
• CVE-2016-0840
• CVE-2016-0841
• CVE-2016-0758
• CVE-2016-0837
• CVE-2016-9120
• CVE-2016-0728
• CVE-2016-3951
• CVE-2016-2429
• CVE-2016-7117
• CVE-2016-2428
• CVE-2016-3134
• CVE-2016-2430
• CVE-2016-2184
• CVE-2015-1805
• CVE-2016-0834
• CVE-2016-2463
• CVE-2016-7912
• CVE-2016-3742
• CVE-2016-3743
• CVE-2016-2505
• CVE-2016-2507
• CVE-2016-3840
• CVE-2016-2506
• CVE-2016-9806
• CVE-2016-3741
• CVE-2016-4794
• CVE-2016-3820
• CVE-2017-0587
• CVE-2016-3819
• CVE-2016-3821
• CVE-2016-2508
• CVE-2016-4470
• CVE-2016-5340
• CVE-2016-3861
• CVE-2015-8816
• CVE-2016-3775
• CVE-2016-7911
• CVE-2016-3862
• CVE-2016-7910
• CVE-2016-3857
• CVE-2016-6828
• CVE-2016-2182
• CVE-2016-6699
• CVE-2016-5195
• dirtyc0w
• CVE-2017-0592
• CVE-2016-6700
• CVE-2016-6728
• CVE-2016-6737
• CVE-2016-10200
• CVE-2017-0406
• CVE-2017-0407
• CVE-2017-0474
• CVE-2017-0405
• CVE-2016-9794
• CVE-2017-0543
• CVE-2017-0591
• CVE-2017-0475
• CVE-2017-0466
• CVE-2017-0467
• CVE-2017-0468
• CVE-2017-0542
• CVE-2017-0469
• CVE-2017-0673
• CVE-2017-0538
• CVE-2017-0471
• CVE-2017-0472
• CVE-2017-0539
• CVE-2017-0590
• CVE-2017-0473
• CVE-2017-0427
• CVE-2017-0541
• CVE-2017-0680
• CVE-2017-0507
• CVE-2017-0508
• CVE-2017-0510
• CVE-2017-0589
• CVE-2017-0588
• CVE-2017-0756
• CVE-2015-7555
• CVE-2017-0677
• CVE-2017-0637
• CVE-2017-0564
• CVE-2017-0674
• CVE-2017-0675
• CVE-2017-0676
• CVE-2017-13160
• CVE-2017-0759
• CVE-2017-0719
• CVE-2017-0721
• CVE-2017-0723
• CVE-2017-0540
• CVE-2016-10277
• CVE-2017-0811
• CVE-2017-0679
• CVE-2017-0715
• CVE-2017-8890
• CVE-2017-0681
• CVE-2017-0716
• CVE-2017-0678
• CVE-2017-0762
• CVE-2017-0745
• CVE-2017-0714
• CVE-2017-0722
• CVE-2017-0720
• CVE-2017-0718
• CVE-2017-0760
• CVE-2017-0757
• CVE-2017-0758
• CVE-2017-0810
• CVE-2017-0832
• CVE-2017-0835
• CVE-2017-0761
• CVE-2017-0763
• CVE-2017-0833
• CVE-2017-0809
• CVE-2017-0834
• CVE-2017-13230
• CVE-2017-0765
• CVE-2017-13151
• CVE-2017-0764
• CVE-2017-0781
• CVE-2017-0782
• CVE-2017-13249
• CVE-2017-0841
• CVE-2017-0878
• CVE-2018-9473
• CVE-2017-0836
• CVE-2017-0872
• CVE-2017-13178
• CVE-2017-13179
• CVE-2017-13177
• CVE-2017-13208
• CVE-2017-13228
• CVE-2017-0876
• CVE-2017-0877
• CVE-2017-13248
• CVE-2017-13250
• CVE-2017-13251
• CVE-2018-9498
• CVE-2017-13255
• CVE-2017-13256
• CVE-2017-13266
• CVE-2017-13267
• CVE-2017-13272
• CVE-2017-13276
• CVE-2017-13277
• CVE-2017-13282
• CVE-2017-13283
• CVE-2017-13281
• CVE-2017-13284
• CVE-2018-9341
• CVE-2018-9356
• CVE-2018-9365
• CVE-2018-9355
• CVE-2018-9357
• CVE-2018-9411
• CVE-2018-9427
• CVE-2018-9446
• CVE-2018-5146
• CVE-2018-9450
• CVE-2018-9536
• CVE-2018-9550
• CVE-2018-9476
• CVE-2018-9478
• CVE-2018-9479
• CVE-2018-9496
• CVE-2018-9497
• CVE-2018-9475
• CVE-2018-9531
• CVE-2018-9433
• CVE-2018-9504
• CVE-2018-9490
• CVE-2018-9537
• CVE-2018-9551
• CVE-2018-9527
• CVE-2018-9549
• CVE-2018-9552
• CVE-2018-9555
• CVE-2019-2095
• CVE-2018-9583
• CVE-2018-9556
• CVE-2019-1988
• CVE-2019-1989
• CVE-2019-2028
• CVE-2019-1986
• CVE-2019-1987
• CVE-2019-1990
• CVE-2019-1992
• CVE-2019-1991
• CVE-2019-2009
• CVE-2019-2093
• CVE-2019-2029
• CVE-2019-2111
• CVE-2019-2027
• CVE-2019-2044
• CVE-2019-2045
• CVE-2019-2046
• CVE-2019-2047
• CVE-2019-2097
• CVE-2019-2106
• CVE-2019-2094
• CVE-2019-2107
• CVE-2019-2130
• CVE-2019-2109

none

none is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.

TPSparkyRoot

(json)

• CVE numbers:
• Coordinated disclosure?: false
• Categories: system
• Details: A bug in chmod, mkdir and chown mean that they fail when the last element of their target path is a symlink [android-commit-tpsparkyroot]
• Discovered by: sparkym3 [xda-forum-tpsparkyroot] on: Unknown
• Reported on: 2012-01-11 [xda-forum-tpsparkyroot]
• Fixed on: Unknown
• Fix released on: 2012-05-02 [android-commit-tpsparkyroot]
• Affected versions: 4.0-4.0.4 [citation-needed] regex: 4.0.[0-4]
• Affected devices:
• Affected manufacturers:
• Fixed versions: 4.0.4_r2 [android-commit-tpsparkyroot]
• Submission: by: Daniel Carter, on: 2019-07-03

libmsm memory corruption

(json)

• CVE numbers: CVE-2014-4321 [libmsm-github]
• Coordinated disclosure?: false
• Categories: system
• Details: A memory read exploit that uses a vulnerability in the camera driver [android-paper]
• Discovered by: Hiroyuki Ikezoe [android-paper] on: Unknown
• Reported on: 2015-03-08 [libmsm-github]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers:
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-08

Mtkfb

(json)

• CVE numbers:
• Coordinated disclosure?: true
• Categories: system
• Details: Memory write vulnerabilities allow a local user to gain privileges [mtkfb-ele7enxxh-blog]
• Discovered by: KeenTeam [mtkfb-ele7enxxh-blog] on: 2015-04-30 [citation-needed]
• Reported on: 2015-04-30 [citation-needed]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers:
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-08

certifi-gate

(json)

• CVE numbers:
• Coordinated disclosure?: false
• Categories: app
• Details: Certifi-gate is a set of vulnerabilities in the authorization methods between mobile Remote Support Tool (mRST) apps and system-level plugs on a device. mRSTs allow remote personnel to offer customers personalized technical support for their devices by replicating a device’s screen and by simulating screen clicks at a remote console. If exploited, Certifi-gate allows malicious applications to gain unrestricted access to a device silently, elevating their privileges to allow access to the user data and perform a variety of actions usually only available to the device owner. [checkpoint-certifigate-blog][archived]
• Discovered by: Check Point Software Technologies Ltd. [checkpoint-certificate-report] on: Unknown
• Reported on: 2015-08-06 [checkpoint-certifigate-blog][archived]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers:
• Fixed versions:
• Submission: by: Laurent Simon, on: 2015-08-07; by: Daniel R. Thomas, on: 2016-06-01