Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 7.2  Security Vulnerabilities
CVE-2015-8995
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
CVE-2015-8996
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.
CVSS Score
7.0
EPSS Score
0.0
Published
2017-05-16
CVE-2015-8997
In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.
CVSS Score
7.0
EPSS Score
0.0
Published
2017-05-16
CVE-2015-8998
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
CVE-2015-8999
In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
CVE-2015-9000
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-05-16
CVE-2016-5267
Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set.
CVSS Score
5.3
EPSS Score
0.003
Published
2016-08-05
CVE-2016-1671
Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and \ (backslash) characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to net/base/escape.cc and net/base/filename_util.cc.
CVSS Score
8.1
EPSS Score
0.002
Published
2016-05-14
CVE-2016-2813
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values, via a crafted web site, a similar issue to CVE-2016-1780.
CVSS Score
6.5
EPSS Score
0.005
Published
2016-04-30
CVE-2016-1656
The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2016-04-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved