CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-0680
https://notcve.org/view.php?id=CVE-2011-0680
31 Jan 2011 — data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service. data/WorkingMessage.java en la aplicación Mms en Android anterior a v2.2.2 y v2.3.x anterior a v2.3.2 no maneja adecuadamente la 'draft' caché, lo que permite a atacantes remotos leer mensajes SMS previstos para otros destin... • http://android.git.kernel.org/?p=platform/packages/apps/Mms.git%3Ba=commit%3Bh=18d6b7e9d2e538fb3c0264332b96c02abf367267 •
CVSS: 9.3EPSS: 82%CPEs: 24EXPL: 2CVE-2010-1807 – Google Android 2.0 < 2.1 - Code Execution (Reverse Shell 10.0.2.2:2222/TCP)
https://notcve.org/view.php?id=CVE-2010-1807
10 Sep 2010 — WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. WebKit en Apple Safari v4.x anteriores a v4.1.2 y v5.x anteriores a v5.0.2 no valida de forma adecuada los datos con punto flotante, lo que permite a atacantes remotos ejecutar... • https://www.exploit-db.com/exploits/15423 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3698
https://notcve.org/view.php?id=CVE-2009-3698
14 Oct 2009 — An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. Una función sin especificar en la API de Dalvik en Android v1.5 y anteriores permite a atacantes remotos producir una denegación de servicio (reinicio de sistema) a través de una aplicación manipulada posiblemente un tema relacionado con CVE-2009-2656. • http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=cf4550c3198d6b3d92cdc52707fe70d7cc0caa9f •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-2999
https://notcve.org/view.php?id=CVE-2009-2999
14 Oct 2009 — The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656. El proceso com.android.phone en Android v1.5 CRBxx permite a atacantes remotos producir una denegación de servicio (reinicio de aplicacion y desconexión de red) a través de un mensaje SMS que conteng... • http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=46e23fe762d2143d60589ab6d39c4b47c2c754d1 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2009-2656
https://notcve.org/view.php?id=CVE-2009-2656
03 Aug 2009 — Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009. Vulnerabilidad sin especificar en el proceso com.android.phone en Android v1.0, v1.1 y v1.5, permite a atacantes remotos provocar una denegación de servicio (desconexión de la red) a través de un mensaje SMS manipulado, como se demostró por Co... • http://osvdb.org/56750 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-2348
https://notcve.org/view.php?id=CVE-2009-2348
17 Jul 2009 — Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone. Android v1.5 CRBxx permite a a usuarios locales saltarse los valores de la configuración de (1) Manifest.permission.CAMERA (también conocido como android.permission.CAMERA) y... • http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=4d8adefd35efdea849611b8b02d61f9517e47760 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1754
https://notcve.org/view.php?id=CVE-2009-1754
26 May 2009 — The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application. La clase PackageManagerService en services/java/com/android/server/PackageManagerService.java en An... • http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=5d6d773fab559fdc12e553d60d789f3991ac552c • CWE-287: Improper Authentication •