Lucene search
+L

587 matches found

Cvelist
Cvelist
added 2018/04/04 5:0 p.m.19 views

CVE-2017-13253

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1...

7.8AI score0.02924EPSS
Exploits2References3
Cvelist
Cvelist
added 2018/04/04 5:0 p.m.20 views

CVE-2017-13252

In CryptoHal::decrypt of CryptoHal.cpp, there is an out of bounds write due to improper input validation that results in a read from uninitialized memory. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.8AI score0.00593EPSS
Exploits0References2
CVE
CVE
added 2018/04/04 5:0 p.m.52 views

CVE-2017-13263

CVE-2017-13263 affects the Android framework (Android 8.0 and 8.1). The incident is classified as an Elevation of Privilege (EoP) in the framework; no specific root-cause technical details are provided in the documents. The accessible sources identify it under the Framework category with a Modera...

7.5CVSS7AI score0.00329EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/04/04 5:0 p.m.60 views

CVE-2017-13250

CVE-2017-13250 affects Android and targets the media decoding path in ih264d_utils.c, specifically ih264d_fmt_conv_420sp_to_420p. The root cause is an out-of-bounds write caused by a multiplication error, enabling remote code execution with user interaction required on affected builds. Affected v...

9.3CVSS7.9AI score0.01113EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/04/04 5:0 p.m.21 views

CVE-2017-13248

In impeg2idctreconsse42 of impeg2idctreconsse42intr.c, there is an out of bound write due to a missing bounds check. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0...

8AI score0.01113EPSS
Exploits0References2
NVD
NVD
added 2018/04/04 4:29 p.m.54 views

CVE-2017-13289

In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch. This could lead to a local escalation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is...

7.8CVSS7.7AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2018/04/04 4:29 p.m.15 views

CVE-2017-13302

A denial of service vulnerability in the Android system system ui. Product: Android. Versions: 8.0. Android ID: A-69969749...

7.8CVSS7.1AI score0.0043EPSS
Exploits0References1
Prion
Prion
added 2018/04/04 4:29 p.m.14 views

Design/Logic Flaw

In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due to mismatched serialization. This could lead to a local escalation of privilege where the user can start an activity with system privileges, with no additional execution privileges needed. User...

7.2CVSS7.6AI score0.0033EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/04/04 4:29 p.m.19 views

Out-of-bounds

In the FrameSequencegif::FrameSequencegif function of libframesequence, there is a out of bounds read due to a missing bounds check. This could lead to a remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...

5CVSS7.3AI score0.00811EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/04/04 4:29 p.m.21 views

Stack overflow

In CProgramConfigReadHeightExt of tpdecasc.cpp, there is a possible stack buffer overflow due to a missing bounds check. This could lead to a remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1,...

6.8CVSS8AI score0.00693EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/04/04 4:29 p.m.20 views

Design/Logic Flaw

In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0,...

4.3CVSS5.6AI score0.00536EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/04/04 4:29 p.m.23 views

Denial of service

A denial of service vulnerability in the Android framework package installer. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62537081...

5CVSS6.2AI score0.00415EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/04/04 4:29 p.m.11 views

Null pointer dereference

In avrcctrlparsvendorrsp of avrcparsct.cc, there is a possible NULL pointer dereference due to missing bounds checks. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1...

7.8CVSS7.4AI score0.01083EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/04/04 4:29 p.m.20 views

CVE-2017-13285

In SvoxSsmlParser and startElement of svoxssmlparser.cpp, there is a possible out of bounds write due to an uninitialized buffer. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS9.3AI score0.01623EPSS
Exploits0References1
OSV
OSV
added 2018/04/04 4:29 p.m.4 views

CVE-2017-13275

In getVSCoverage of CmapCoverage.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID:...

5.5CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2018/04/04 4:29 p.m.13 views

Out-of-bounds

In SvoxSsmlParser and startElement of svoxssmlparser.cpp, there is a possible out of bounds write due to an uninitialized buffer. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS9AI score0.01623EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/04/04 4:29 p.m.26 views

CVE-2017-13276

In CProgramConfigReadHeightExt of tpdecasc.cpp, there is a possible stack buffer overflow due to a missing bounds check. This could lead to a remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1,...

7.8CVSS8.1AI score0.00693EPSS
Exploits0References1
Prion
Prion
added 2018/04/04 4:29 p.m.10 views

Out-of-bounds

In sdpserverhandleclientreq of sdpserver.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0,...

2.1CVSS5.7AI score0.00169EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/04/04 4:29 p.m.17 views

Stack overflow

In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1...

10CVSS9.2AI score0.01793EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/04/04 4:29 p.m.15 views

Design/Logic Flaw

In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. This could lead to a local escalation of privilege where the user can start an activity with system privileges, with no additional execution privileges needed. User...

7.2CVSS7.6AI score0.00197EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder