CVE Daily
← All tags

Tag: Android OS

All CVEs associated with "Android OS". Page 75/76 • 9114 CVEs.

Subscribe CVEs: RSS for “Android OS”  ·  RSS (High+Critical only)

About “Android OS”

A curated feed of “Android OS”-related CVEs appears below. We currently track 9114 CVEs for this tag (all time). In the last 365 days, 361 were published. Average CVSS is 6.8 (all time; 6.1 over 365d), and 49% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-926 - Improper Export of Android Application Components, CWE-451 - User Interface (UI) Misrepresentation of Critical Information, CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.

In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2012-10-09
Critical

CVE-2012-5261

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5260

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5259

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5258

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5257

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5256

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5255

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5254

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5253

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5252

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5251

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5250

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5249

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-5248

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2012-10-07
High

CVE-2011-3918

The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service (reboot loop) via a crafted applic…

CVSS: 7.8 CWE: CWE-399 View on NVD
2012-09-28
Medium

CVE-2012-4017

The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.

CVSS: 4.3 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Medium

CVE-2012-4016

The ATOK application before 1.0.4 for Android allows remote attackers to read the learning information file, and obtain sensitive input-string information, via a crafted application.

CVSS: 4.3 CWE: CWE-264 View on NVD
2012-09-14
Medium

CVE-2012-4013

The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a cra…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-09-13
Medium

CVE-2012-4909

Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application.

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
High

CVE-2012-4908

Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.

CVSS: 7.5 CWE: CWE-264 View on NVD
Critical

CVE-2012-4907

Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page.

CVSS: 9.3 CWE: CWE-264 View on NVD
Medium

CVE-2012-4906

Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by…

CVSS: 5.0 CWE: CWE-264 View on NVD
Medium

CVE-2012-4905

Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universa…

CVSS: 4.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Medium

CVE-2012-4904

Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal…

CVSS: 4.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Medium

CVE-2012-4903

Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by…

CVSS: 5.0 CWE: CWE-264 View on NVD
2012-09-08
Medium

CVE-2012-4012

The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application th…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Critical

CVE-2012-4011

The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.

CVSS: 9.3 CWE: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') View on NVD
2012-08-31
Medium

CVE-2012-4171

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2012-4009

The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted applicatio…

CVSS: 6.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Medium

CVE-2012-4008

The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web…

CVSS: 6.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2012-08-29
Medium

CVE-2012-3979

Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web p…

CVSS: 6.8 CWE: N/A View on NVD
2012-08-21
Medium

CVE-2012-4168

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Critical

CVE-2012-4167

Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android…

CVSS: 10.0 CWE: CWE-189 View on NVD
Critical

CVE-2012-4165

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-4164

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-4163

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2012-2980

The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTou…

CVSS: 7.1 CWE: CWE-255 View on NVD
2012-08-17
Medium

CVE-2012-4007

The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comm…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2012-4006

The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus applicat…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-08-08
Medium

CVE-2012-4004

Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to in…

CVSS: 4.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Medium

CVE-2012-2649

The Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allow remote attackers to execute arbitrary Java methods, and obtain sens…

CVSS: 6.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2012-08-07
Medium

CVE-2012-4005

The NHN Japan NAVER LINE application before 2.5.5 for Android does not properly handle implicit intents, which allows remote attackers to obtain sensitive message information via a crafted applicatio…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-08-06
Low

CVE-2012-1344

Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated users to cause a denial of service (device reload) by using a web browser to refresh the SSL VPN portal p…

CVSS: 3.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2012-07-25
Medium

CVE-2012-2674

Multiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and (3) leak_memalign functions in libc/bionic/malloc_debug_leak.c in Bionic (libc) for Android, when libc.debug.malloc is set, make…

CVSS: 4.3 CWE: CWE-189 View on NVD
Medium

CVE-2012-2646

The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtai…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-07-16
Medium

CVE-2012-2645

The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted ap…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-07-05
Medium

CVE-2012-2640

The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for Android allows remote attackers to read the IMEI value from an SD card via a crafted application that lacks the READ_PHONE_STATE perm…

CVSS: 5.0 CWE: CWE-264 View on NVD
2012-06-15
Medium

CVE-2012-2635

The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive i…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-06-09
Critical

CVE-2012-2040

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on…

CVSS: 9.3 CWE: CWE-426 - Untrusted Search Path View on NVD
Critical

CVE-2012-2039

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and be…

CVSS: 9.3 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2012-2038

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and be…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Critical

CVE-2012-2037

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and be…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2012-2036

Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android…

CVSS: 9.3 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Critical

CVE-2012-2035

Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10…

CVSS: 9.3 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2012-2034

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and be…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2012-06-04
Medium

CVE-2012-2630

The Puella Magi Madoka Magica iP application 1.05 and earlier for Android places cleartext Twitter credentials in a log file, which allows remote attackers to obtain sensitive information via a craft…

CVSS: 4.3 CWE: CWE-255 View on NVD
2012-05-29
Critical

CVE-2012-2949

The ZTE sync_agent program for Android 2.3.4 on the Score M device uses a hardcoded ztex1609523 password to control access to commands, which allows remote attackers to gain privileges via a crafted…

CVSS: 10.0 CWE: CWE-264 View on NVD
2012-05-22
Low

CVE-2012-2567

The Xelex MobileTrack application 2.3.7 and earlier for Android uses hardcoded credentials, which allows remote attackers to obtain sensitive information via an unencrypted (1) FTP or (2) HTTP sessio…

CVSS: 2.6 CWE: CWE-255 View on NVD
High

CVE-2012-2562

The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATE…

CVSS: 7.6 CWE: CWE-20 - Improper Input Validation View on NVD
2012-05-21
Medium

CVE-2012-1249

The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive stored information via a crafted applicatio…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-05-04
Critical

CVE-2012-0779

Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attack…

CVSS: 9.3 CWE: N/A View on NVD
2012-05-01
Medium

CVE-2012-2217

The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid befor…

CVSS: 6.4 CWE: CWE-264 View on NVD
2012-04-27
Medium

CVE-2012-1244

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain…

CVSS: 5.8 CWE: CWE-310 View on NVD
2012-04-22
Medium

CVE-2012-1243

The TwitRocker2 application before 1.0.23 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-03-28
Critical

CVE-2012-0773

The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Fla…

CVSS: 9.3 CWE: CWE-787 - Out-of-bounds Write View on NVD
2012-03-17
Medium

CVE-2012-0326

The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted applica…

CVSS: 5.0 CWE: CWE-264 View on NVD
2012-03-15
Critical

CVE-2012-1485

Unspecified vulnerability in the NetFront Life Browser (com.access_company.android.nflifebrowser.lite) application 2.2.0 and 2.3.0 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1484

Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) application 2.9.2 and 3.7.0 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1483

Unspecified vulnerability in the Message Forwarder (com.gmail.zbnetium) application 1.12.20110409.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1482

Unspecified vulnerability in the TouchPal Contacts (com.cootek.smartdialer) application 3.3.1 and 4.0.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1481

Unspecified vulnerability in the Textdroid (com.app.android.textdroid) application 2.5.2 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
2012-03-14
High

CVE-2012-0463

The nsWindow implementation in the browser engine in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ES…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
Critical

CVE-2012-1480

Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application 1.97, 2.01, and 2.07 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1479

Unspecified vulnerability in the AContact (com.movester.quickcontact) application 1.8.2 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1478

Unspecified vulnerability in the UCMobile BloveStorm (com.blovestorm) application 2.2.0 and 3.2.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1477

Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1476

Unspecified vulnerability in the KKtalk (com.kkliaotian.android) application 4.0.0 and 4.1.5 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1475

Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1474

Unspecified vulnerability in the Youni SMS (com.snda.youni) application 2.1.0c and 2.1.0d for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1409

Unspecified vulnerability in the Tiny Password (com.tinycouch.android.freepassword) application 1.64 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1408

Unspecified vulnerability in the App Lock (com.cc.applock) application 1.7.5 and 1.7.6 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
2012-03-07
Critical

CVE-2012-1407

Unspecified vulnerability in the GO Message Widget (com.gau.go.launcherex.gowidget.smswidget) application 1.9, 2.1, and 2.3 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1406

Unspecified vulnerability in the GO Bookmark Widget (com.gau.go.launcherex.gowidget.bookmark) application 1.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1405

Unspecified vulnerability in the GO Note Widget (com.gau.go.launcherex.gowidget.notewidget) application 1.5 and 1.9 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1404

Unspecified vulnerability in the Dolphin Browser Mini (com.dolphin.browser) application 2.2 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1403

Unspecified vulnerability in the Dolphin Browser CN (com.dolphin.browser.cn) application 6.3.1 and 7.2.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1402

Unspecified vulnerability in the QianXun YingShi (com.qianxun.yingshi) application 1.2.3 and 1.3.4 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1401

Unspecified vulnerability in the CamScanner (com.intsig.camscanner) application 1.2.2.20110823 and 1.3.2.20120116 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1400

Unspecified vulnerability in the U+Box 2.0 Pad (lg.uplusbox.pad) application 2.0.8.4 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1399

Unspecified vulnerability in the U+Box 2.0 (lg.uplusbox) application 2.0.2 and 2.0.8.4 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1398

Unspecified vulnerability in the GO WeiboWidget (com.gau.go.launcherex.gowidget.weibowidget) application 2.4 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1397

Unspecified vulnerability in the GO QQWeiboWidget (com.gau.go.launcherex.gowidget.qqweibowidget) application 1.2 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1396

Unspecified vulnerability in the GO FBWidget (com.gau.go.launcherex.gowidget.fbwidget) application 1.9 and 2.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1395

Unspecified vulnerability in the GO TwiWidget (com.gau.go.launcherex.gowidget.twitterwidget) application 1.7 and 2.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1394

Unspecified vulnerability in the GO Email Widget (com.gau.go.launcherex.gowidget.emailwidget) application 1.3.1, 1.8, and 1.81 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1393

Unspecified vulnerability in the GO SMS Pro (com.jb.gosms) application 3.72, 4.10, and 4.35 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1392

Unspecified vulnerability in the Dolphin Browser HD (mobi.mgeek.TunnyBrowser) application 6.2.0, 7.2.1, 7.3.0, and 7.4.0 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1391

Unspecified vulnerability in the mOffice - Outlook sync (com.innov8tion.isharesync) application 3.1 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1390

Unspecified vulnerability in the Miso (com.bazaarlabs.miso) application 2.2 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1389

Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) application 1.9.9 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1388

Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) application 0.6.2 beta for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1387

Unspecified vulnerability in the RealTalk (com.tmsmanager.tms) application A.0.9.250 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1386

Unspecified vulnerability in the YouMail Visual Voicemail Plus (com.youmail.android.vvm) application 2.0.45 and 2.1.43 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1385

Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) application 1.0.0 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1384

Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) application 0.5.0 and 0.5.2 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1383

Unspecified vulnerability in the NetEase Reader (com.netease.pris) application 1.1.2 and 1.2.0 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1382

Unspecified vulnerability in the Youdao Dictionary (com.youdao.dict) application 1.6.1, 2.0.1(2), and 3.0.0(1) for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1381

Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloudalbum) application 2.0.0 and 2.2.0 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-1380

Unspecified vulnerability in the NetEaseWeibo (com.netease.wb) application 1.2.1 and 1.2.2 for Android has unknown impact and attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
2012-03-05
Medium

CVE-2012-0769

Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not pro…

CVSS: 5.0 CWE: CWE-189 View on NVD
Critical

CVE-2012-0768

The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 o…

CVSS: 10.0 CWE: CWE-399 View on NVD
Medium

CVE-2012-0322

The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for Android does not properly restrict access, which allows remote attackers to read arbitrary files via vectors involving an unspeci…

CVSS: 4.3 CWE: CWE-264 View on NVD
2012-03-02
Medium

CVE-2012-0316

The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier applications for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-02-16
Medium

CVE-2012-0767

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and b…

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Critical

CVE-2012-0756

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2012-0755

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac…

CVSS: 9.3 CWE: N/A View on NVD
High

CVE-2012-0754

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac…

CVSS: 8.1 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2012-0753

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac…

CVSS: 9.3 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2012-0752

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac…

CVSS: 9.3 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
2012-02-05
Low

CVE-2011-4872

Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI4…

CVSS: 2.6 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD