Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Android Number Of NVD 6904 CRITICAL 484 HIGH 3022 MEDIUM 3149 LOW 241
URL https://www.android.com/
Explanation It is an operating system installed on smartphones provided by Google.
Since it is open source, many manufacturers use it in their smartphones, tablets, and wearable devices.

The support period differs for each development vendor.
After Google provides a security patch, it is up to the vendor to provide the patch to the target devices.
Tag
  • Mobile
  • Google
  • Apache License v2.0
  • GPL v2
  • LGPL 2.1+

Add Information URL
No Type Name URL
1 https://en.wikipedia.org/wiki/Android_version_history
2 https://source.android.com/setup/start/licenses
3 https://source.android.com/security/bulletin/
4 https://developer.android.com/
5 https://developer.android.com/about/versions/
6 https://android-developers.googleblog.com/

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
5361 Android 17 June 16, 2026 June 16, 2026 0 0 0 0
5362 Android 14 14.1 Nov. 6, 2024 Aug. 7, 2024 0 3 1 0
5363 Android 13 13.4 Aug. 7, 2023 Aug. 15, 2022 15 317 812 67
5364 Android 12 12.4 Oct. 17, 2022 Oct. 4, 2020 43 479 1193 106
5365 Android 11 11 Sept. 8, 2020 Sept. 8, 2020 58 636 1364 107
5366 Android 10 10 Sept. 3, 2019 Sept. 3, 2019 103 680 1055 110
5367 Android 9 9 Aug. 6, 2018 Aug. 6, 2018 112 463 331 35
5368 Android 8 8.1.0 Dec. 5, 2017 Aug. 21, 2017 144 529 318 25
5369 Android 7 7.1.2 April 4, 2017 Aug. 22, 2016 116 627 380 20
5370 Android 6 6.0.1 Dec. 7, 2015 Oct. 5, 2015 109 734 397 20
5371 Android 5 5.1.1 April 21, 2015 Nov. 12, 2014 67 661 317 16
5372 Android 4 4.4.4 June 19, 2014 Oct. 18, 2011 53 577 271 16
5373 Android 3 3.2.6 Feb. 1, 2012 Feb. 22, 2011 25 420 174 10
5374 Android 2 2.2.3 Nov. 21, 2011 Oct. 26, 2009 25 424 181 12
5375 Android 1 1.6 Sept. 15, 2009 Sept. 23, 2008 150 1594 2337 209
5376 Android 9.0 9.0 109 441 323 34
5377 Android 7.2 7.2 16 61 79 9
5378 Android 12.1 12.1 15 229 224 23
5379 Android 12.0l 12.0l 0 28 68 9
5380 Android 12.0 12.0 43 447 1159 104
5381 Android 11.0 11.0 58 636 1364 107
5382 Android 10.0 10.0 103 680 1055 110
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
5361 7.5
7.8
HIGH
Network
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible NULL pointer dereference due to missing bounds checks. This could lead to remote denial of service with no additional execution pr… CWE-476
 NULL Pointer Dereference
CVE-2017-13291 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5362 6.2
2.1
MEDIUM
Local
In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges… CWE-125
Out-of-bounds Read
CVE-2017-13290 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5363 7.8
7.2
HIGH
Local
In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch. This could lead to a local escalation of privileges where the user can start an ac… CWE-131
Incorrect Calculation of Buffer Size
CVE-2017-13289 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5364 7.8
7.2
HIGH
Local
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. This could lead to a local escalation of privilege where the user c… CWE-682
 Incorrect Calculation
CVE-2017-13288 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5365 7.8
7.2
HIGH
Local
In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation. This could lead to local escalation of privilege if mPayload in writeTo… CWE-20
 Improper Input Validation 
CVE-2017-13287 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5366 7.8
7.2
HIGH
Local
In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due to mismatched serialization. This could lead to a local escalation of privilege where the user can st… CWE-502
 Deserialization of Untrusted Data
CVE-2017-13286 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5367 9.8
10.0
CRITICAL
Network
In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer. This could lead to remote code execution in an unprivileged process… CWE-787
 Out-of-bounds Write
CVE-2017-13285 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5368 9.8
10.0
CRITICAL
Network
In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additi… CWE-20
 Improper Input Validation 
CVE-2017-13284 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5369 9.8
10.0
CRITICAL
Network
In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check. This could lead to remote code execution with no additional e… CWE-787
 Out-of-bounds Write
CVE-2017-13283 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm
5370 9.8
10.0
CRITICAL
Network
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privile… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2017-13282 cpe:2.3:o:google:android:8.1:*
cpe:2.3:o:google:android:8.0:*
cpe:2.3:o:google:android:7.1.2:*
cpe:2.3:o:googl…
2024-11-21 12:11
2018-04-5
Show GitHub Exploit DB Packet Storm