158 matches found
CVE-2017-0761
A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381...
CVE-2016-10398
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens AuthTokens used by the Trusted Execution Environment TEE are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE...
CVE-2017-0674
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231163...
Multiple Lenovo VIBE phones privilege access vulnerability
Android 6.0 Marshmallow is a Linux-based open source operating system developed by Google and the Open Handset Alliance OHA in the U.S. The Lenovo A2010-a and other smartphone products from China's Lenovo use the Android 6.0 Marshmallow operating system. The Lenovo A2010-a is a smartphone from...
Elephone P9000 Lock Screen Lock Bypass Vulnerability
Android is a Linux-based open-source operating system developed by Google and the Open Handheld Alliance OHA, and the Elephone P9000 is a smartphone from China's Elephone Corporation that runs the Android operating system. lockscreen is one of the screen-locking component. A security vulnerabilit...
CVE-2017-10709
The lockscreen on Elephone P9000 devices running Android 6.0 allows physically proximate attackers to bypass a wrong-PIN lockout feature by pressing backspace after each PIN guess...
CVE-2017-0587
A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...
CVE-2017-0593
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications...
CVE-2017-0599
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1...
UBUNTU-CVE-2017-0593
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications...
UBUNTU-CVE-2017-0592
A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution...
UBUNTU-CVE-2017-0557
An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0,...
CVE-2017-0556
An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0,...
CVE-2017-0487
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID:...
CVE-2017-0467
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...
CVE-2017-0495
An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0,...
CVE-2017-0490
An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android...
CVE-2017-0470
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...
CVE-2017-0472
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver...
CVE-2017-0485
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID:...