Lucene search
+L

587 matches found

NVD
NVD
added 2018/01/12 11:29 p.m.17 views

CVE-2017-13211

In btascanresultscbimpl of btifblescanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not neede...

7.8CVSS7.3AI score0.02173EPSS
Exploits0References3
NVD
NVD
added 2018/01/12 11:29 p.m.15 views

CVE-2017-13210

In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is n...

7.8CVSS7.8AI score0.00215EPSS
Exploits0References3
Prion
Prion
added 2018/01/12 11:29 p.m.16 views

Design/Logic Flaw

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

7.2CVSS7.6AI score0.0022EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/01/12 11:29 p.m.14 views

CVE-2017-0855

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...

7.8CVSS7.4AI score0.0173EPSS
Exploits0References3
Prion
Prion
added 2018/01/12 11:29 p.m.18 views

Out-of-bounds

In the ihevcdallocatestaticbufs and ihevcdcreate functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both pscodecobj and pscreateop-sivdcreateopt.pvhandle point to the same memory and pscodecobj could be freed without clearing pscreateop-sivdcreateopt.pvhandle...

10CVSS9AI score0.02352EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/01/12 11:29 p.m.16 views

Design/Logic Flaw

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.4AI score0.02173EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2018/01/12 11:29 p.m.21 views

CVE-2017-0855

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...

7.8CVSS7.3AI score0.0173EPSS
Exploits0References2
Prion
Prion
added 2018/01/12 11:29 p.m.19 views

Privilege escalation

In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code...

7.2CVSS7.6AI score0.00753EPSS
Exploits2References4Affected Software1
Prion
Prion
added 2018/01/12 11:29 p.m.15 views

Integer overflow

In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not...

7.2CVSS7.7AI score0.002EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/01/12 11:29 p.m.24 views

Design/Logic Flaw

In the ihevcdparsesps function of ihevcdparseheaders.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed...

7.8CVSS7.4AI score0.0173EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/01/12 11:29 p.m.23 views

Out-of-bounds

In receivepacket of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS9AI score0.08533EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/01/12 11:0 p.m.20 views

CVE-2017-13184

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

7.7AI score0.0022EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/01/12 11:0 p.m.19 views

CVE-2017-13200

An information disclosure vulnerability in the Android media framework av related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526...

6.9AI score0.00437EPSS
Exploits0References2
CVE
CVE
added 2018/01/12 11:0 p.m.153 views

CVE-2017-13177

The CVE-2017-13177 entry concerns a vulnerability in the Android Media Framework where several libhevc functions fail to preserve NEON registers. This can enable remote code execution (RCE) in a privileged process with no required user interaction, affecting Android versions 5.1.1, 6.0, 6.0.1, 7....

10CVSS9.1AI score0.0242EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/01/12 11:0 p.m.26 views

CVE-2017-13199

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation...

7.4AI score0.02173EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/01/12 11:0 p.m.17 views

CVE-2017-13182

In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not...

7.8AI score0.002EPSS
Exploits0References3
CVE
CVE
added 2018/01/12 11:0 p.m.49 views

CVE-2017-13212

CVE-2017-13212 is an Elevation of Privilege in Android’s systemui affecting Android 5.1.1–8.0. The vulnerable component is the Android System UI; root cause is not detailed in the provided documents. No exploitation details are provided. The Pixel/Nexus bulletin lists this CVE under the System ca...

7.8CVSS7.4AI score0.00152EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/01/08 12:0 a.m.5 views

Google Android Media Framework elevation of privilege vulnerability (CNVD-2018-00635)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, and MediaFramework is one of the frameworks used for multimedia development. An elevation of privilege vulnerability exists in Media Framework in Android versions 8.0 and 8.1. A...

7.8CVSS7.4AI score0.002EPSS
Exploits0References1
CNVD
CNVD
added 2018/01/08 12:0 a.m.6 views

Google Android System Component Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in Android versions 8.0 and 8.1. A remote attacker can exploit this vulnerability to execute arbitrary code...

7.8CVSS7.7AI score0.00753EPSS
Exploits2References1
android
android
added 2018/01/01 12:0 a.m.37 views

CVE-2017-13178

In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

10CVSS6.7AI score0.02352EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder