Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Android Number Of NVD 6904 CRITICAL 484 HIGH 3022 MEDIUM 3149 LOW 241
URL https://www.android.com/
Explanation It is an operating system installed on smartphones provided by Google.
Since it is open source, many manufacturers use it in their smartphones, tablets, and wearable devices.

The support period differs for each development vendor.
After Google provides a security patch, it is up to the vendor to provide the patch to the target devices.
Tag
  • Mobile
  • Google
  • Apache License v2.0
  • GPL v2
  • LGPL 2.1+

Add Information URL
No Type Name URL
1 https://en.wikipedia.org/wiki/Android_version_history
2 https://source.android.com/setup/start/licenses
3 https://source.android.com/security/bulletin/
4 https://developer.android.com/
5 https://developer.android.com/about/versions/
6 https://android-developers.googleblog.com/

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
6731 Android 14 14.1 Nov. 6, 2024 Aug. 7, 2024 0 3 1 0
6732 Android 13 13.4 Aug. 7, 2023 Aug. 15, 2022 15 317 812 67
6733 Android 12 12.4 Oct. 17, 2022 Oct. 4, 2020 43 479 1193 106
6734 Android 11 11 Sept. 8, 2020 Sept. 8, 2020 58 636 1364 107
6735 Android 10 10 Sept. 3, 2019 Sept. 3, 2019 103 680 1055 110
6736 Android 9 9 Aug. 6, 2018 Aug. 6, 2018 112 463 331 35
6737 Android 8 8.1.0 Dec. 5, 2017 Aug. 21, 2017 144 529 318 25
6738 Android 7 7.1.2 April 4, 2017 Aug. 22, 2016 116 627 380 20
6739 Android 6 6.0.1 Dec. 7, 2015 Oct. 5, 2015 109 734 397 20
6740 Android 5 5.1.1 April 21, 2015 Nov. 12, 2014 67 661 317 16
6741 Android 4 4.4.4 June 19, 2014 Oct. 18, 2011 53 577 271 16
6742 Android 3 3.2.6 Feb. 1, 2012 Feb. 22, 2011 25 420 174 10
6743 Android 2 2.2.3 Nov. 21, 2011 Oct. 26, 2009 25 424 181 12
6744 Android 1 1.6 Sept. 15, 2009 Sept. 23, 2008 150 1594 2337 209
6745 Android 9.0 9.0 109 441 323 34
6746 Android 7.2 7.2 16 61 79 9
6747 Android 12.1 12.1 15 229 224 23
6748 Android 12.0l 12.0l 0 28 68 9
6749 Android 12.0 12.0 43 447 1159 104
6750 Android 11.0 11.0 58 636 1364 107
6751 Android 10.0 10.0 103 680 1055 110
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
6731 5.3
5.0
MEDIUM
Network
libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, … CWE-200
CWE-254
Information Exposure
 7PK - Security Features
CVE-2016-0824 cpe:2.3:o:google:android:6.0:*
cpe:2.3:o:google:android:6.0.1:*
2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6732 4.0
2.1
MEDIUM
Local
The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by r… CWE-200
Information Exposure
CVE-2016-0823 cpe:2.3:o:google:android:6.0.1:* 2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6733 7.0
7.6
HIGH
Local
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324. CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-0822 cpe:2.3:o:google:android:6.0.1:* 2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6734 5.5
2.1
MEDIUM
Local
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, w… CWE-908
 Use of Uninitialized Resource
CVE-2016-0821 cpe:2.3:o:google:android:6.0.1:* 2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6735 7.8
9.3
HIGH
Local
The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358. CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-0820 cpe:2.3:o:google:android:6.0.1:* 2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6736 7.8
9.3
HIGH
Local
The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 2536… CWE-264
Permissions, Privileges, and Access Controls
CVE-2016-0819 cpe:2.3:o:google:android:6.0:*
cpe:2.3:o:google:android:6.0.1:*
cpe:2.3:o:google:android:5.1:*
cpe:2.3:o:googl…
2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6737 5.9
4.3
MEDIUM
Network
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinctio… CWE-254
CWE-345
 7PK - Security Features
 Insufficient Verification of Data Authenticity
CVE-2016-0818 cpe:2.3:o:google:android:6.0:*
cpe:2.3:o:google:android:6.0.1:*
cpe:2.3:o:google:android:5.1:*
cpe:2.3:o:googl…
2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6738 9.8
10.0
CRITICAL
Network
mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_par… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2016-0816 cpe:2.3:o:google:android:6.0:*
cpe:2.3:o:google:android:6.0.1:*
2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6739 9.8
10.0
CRITICAL
Network
The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers… CWE-20
 Improper Input Validation 
CVE-2016-0815 cpe:2.3:o:google:android:6.0:*
cpe:2.3:o:google:android:6.0.1:*
cpe:2.3:o:google:android:5.1:*
cpe:2.3:o:googl…
2024-11-21 11:42
2016-03-13
Show GitHub Exploit DB Packet Storm
6740 9.8
10.0
CRITICAL
Network
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory… NVD-CWE-Other
CVE-2016-0705 cpe:2.3:o:google:android:6.0:*
cpe:2.3:o:google:android:6.0.1:*
cpe:2.3:o:google:android:5.1:*
cpe:2.3:o:googl…
2024-11-21 11:42
2016-03-4
Show GitHub Exploit DB Packet Storm