| Android | Number Of NVD | 6838 | CRITICAL | 484 | HIGH | 2986 | MEDIUM | 3124 | LOW | 236 |
| URL | https://www.android.com/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | It is an operating system installed on smartphones provided by Google. Since it is open source, many manufacturers use it in their smartphones, tablets, and wearable devices. The support period differs for each development vendor. After Google provides a security patch, it is up to the vendor to provide the patch to the target devices. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://en.wikipedia.org/wiki/Android_version_history | ||
| 2 | https://source.android.com/setup/start/licenses | ||
| 3 | https://source.android.com/security/bulletin/ | ||
| 4 | https://developer.android.com/ | ||
| 5 | https://developer.android.com/about/versions/ | ||
| 6 | https://android-developers.googleblog.com/ |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 6621 | Android 14 | 14.1 | Nov. 6, 2024 | Aug. 7, 2024 | 0 | 3 | 1 | 0 | |||
| 6622 | Android 13 | 13.4 | Aug. 7, 2023 | Aug. 15, 2022 | 15 | 311 | 812 | 67 | |||
| 6623 | Android 12 | 12.4 | Oct. 17, 2022 | Oct. 4, 2020 | 43 | 479 | 1193 | 106 | |||
| 6624 | Android 11 | 11 | Sept. 8, 2020 | Sept. 8, 2020 | 58 | 636 | 1364 | 107 | |||
| 6625 | Android 10 | 10 | Sept. 3, 2019 | Sept. 3, 2019 | 103 | 680 | 1055 | 110 | |||
| 6626 | Android 9 | 9 | Aug. 6, 2018 | Aug. 6, 2018 | 112 | 463 | 331 | 35 | |||
| 6627 | Android 8 | 8.1.0 | Dec. 5, 2017 | Aug. 21, 2017 | 144 | 529 | 318 | 25 | |||
| 6628 | Android 7 | 7.1.2 | April 4, 2017 | Aug. 22, 2016 | 116 | 627 | 380 | 20 | |||
| 6629 | Android 6 | 6.0.1 | Dec. 7, 2015 | Oct. 5, 2015 | 109 | 734 | 397 | 20 | |||
| 6630 | Android 5 | 5.1.1 | April 21, 2015 | Nov. 12, 2014 | 67 | 661 | 317 | 16 | |||
| 6631 | Android 4 | 4.4.4 | June 19, 2014 | Oct. 18, 2011 | 53 | 577 | 271 | 16 | |||
| 6632 | Android 3 | 3.2.6 | Feb. 1, 2012 | Feb. 22, 2011 | 25 | 420 | 174 | 10 | |||
| 6633 | Android 2 | 2.2.3 | Nov. 21, 2011 | Oct. 26, 2009 | 25 | 424 | 181 | 12 | |||
| 6634 | Android 1 | 1.6 | Sept. 15, 2009 | Sept. 23, 2008 | 150 | 1558 | 2312 | 204 | |||
| 6635 | Android 9.0 | 9.0 | 109 | 441 | 323 | 34 | |||||
| 6636 | Android 7.2 | 7.2 | 16 | 61 | 79 | 9 | |||||
| 6637 | Android 12.1 | 12.1 | 15 | 229 | 224 | 23 | |||||
| 6638 | Android 12.0l | 12.0l | 0 | 28 | 68 | 9 | |||||
| 6639 | Android 12.0 | 12.0 | 43 | 447 | 1159 | 104 | |||||
| 6640 | Android 11.0 | 11.0 | 58 | 636 | 1364 | 107 | |||||
| 6641 | Android 10.0 | 10.0 | 103 | 680 | 1055 | 110 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 6621 |
5.5 4.3 |
MEDIUM
Local |
mail/compose/ComposeActivity.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 supports file:///data attachments, which allows attackers… |
CWE-200
Information Exposure |
CVE-2016-2425 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6622 |
5.5 7.1 |
MEDIUM
Local |
server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allo… |
CWE-20
Improper Input Validation |
CVE-2016-2424 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6623 |
5.5 4.3 |
MEDIUM
Local |
The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic prot… |
CWE-200
Information Exposure |
CVE-2016-2427 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6624 |
6.1 6.6 |
MEDIUM
Physics |
server/telecom/CallsManager.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider whether a device is provisioned… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2016-2423 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6625 |
7.8 9.3 |
HIGH
Local |
Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not prevent use of a Wi-Fi CA certificate in an unrelated CA role, which allows attackers to … |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2016-2422 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6626 |
6.1 6.6 |
MEDIUM
Physics |
Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified … |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2016-2421 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6627 |
7.8 9.3 |
HIGH
Local |
rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to gain privileges via a crafted application… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2016-2420 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6628 |
9.8 10.0 |
CRITICAL
Network |
media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process m… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2016-2419 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6629 |
9.8 10.0 |
CRITICAL
Network |
media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memor… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2016-2418 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm | ||||
| 6630 |
9.8 10.0 |
CRITICAL
Network |
media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows atta… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2016-2417 |
cpe:2.3:o:google:android:6.0:* cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:5.1:* cpe:2.3:o:googl… |
2024-11-21 11:48 2016-04-18 |
Show | GitHub Exploit DB Packet Storm |