CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2018/01/12 11:29 p.m.•17 views

CVE-2017-13208

In receivepacket of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS8.5AI score0.08693EPSS

Prion•added 2018/01/12 11:29 p.m.•20 views

Remote code execution

In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8....

10CVSS8.9AI score0.02466EPSS

Prion•added 2018/01/12 11:29 p.m.•20 views

Heap overflow

In libMtkOmxVdec.so there is a possible heap buffer overflow. This could lead to a remote elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android kernel...

9.3CVSS8.3AI score0.00909EPSS

NVD•added 2018/01/12 11:29 p.m.•23 views

CVE-2017-13183

In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This could lead to a local elevation of privilege enabling code execution as a privileged process with...

7CVSS7.4AI score0.0015EPSS

Cvelist•added 2018/01/12 11:0 p.m.•17 views

CVE-2017-13184

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

7.7AI score0.00224EPSS

9.3CVSS6.4AI score0.00502EPSS

The vulnerability of the WLAN kernel component of the Android operating system from the CAF repository allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the WLAN kernel component of the Android operating system, found in the CAF repository, is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a privileged process, using a specially crafted file...

BDU FSTEC•added 2017/12/26 12:0 a.m.•4 views

The vulnerability of the WLAN kernel component of the Android operating system from the CAF repository allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the WLAN kernel component of the Android operating system arises from buffer overflows during the processing of Measurement Request IE requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within the context of a privileged process using a...

9.3CVSS6.3AI score0.00601EPSS

BDU FSTEC•added 2017/12/26 12:0 a.m.•5 views

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system is related to lack of access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a privileged process using a specially crafted file...

9.3CVSS7.7AI score0.01311EPSS

9.3CVSS7.7AI score0.01222EPSS

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code within the context of a privileged process.

9.3CVSS6AI score0.0046EPSS

The vulnerability in the kgsl_ioctl_gpu_command function of the KGSL kernel driver for the Android operating system, found in the CAF repository, allows a malicious actor to execute arbitrary code within the context of a privileged process.

The vulnerability of the kgslioctlgpucommand function in the Kernel Graphics Support Layer of the Android operating system’s kernel, from the CAF repository, is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the...

BDU FSTEC•added 2017/12/26 12:0 a.m.•4 views

The vulnerability of the UnpackCore function in the Android operating system’s kernel from the CAF repository allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the UnpackCore function in the Android operating system’s kernel from the CAF repository is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a privileged process using a specially...

9.3CVSS7.7AI score0.00599EPSS

9.3CVSS7.7AI score0.01311EPSS

The vulnerability of the libmpeg2 library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code within the context of a privileged process.

9.3CVSS7.7AI score0.01311EPSS

The vulnerability of the libavc library of the Media Framework operating system Android allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the libavc library in the Media Framework component of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a privileged process using a specially crafted...