CVE-2017-13266

In avrcparsvendorcmd of avrcparstg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0,...

CVE-2017-18067

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation while processing an encrypted authentication management frame in limsendauthmgmtframe leads to buffer overflow...

CVE-2017-17773

In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in...

CVE-2017-13272

In alarmreadygeneric of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0,...

CVE-2017-15860

In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur...

CVE-2017-13230

In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2picwidthinlumasamples value. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 7.0,...

CVE-2017-13228

In function ih264drefidxreordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

CVE-2017-13178

In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...

CVE-2017-13177

In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8....

CVE-2017-13208

In receivepacket of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2017-14911

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config...

CVE-2017-13179

In the ihevcdallocatestaticbufs and ihevcdcreate functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both pscodecobj and pscreateop-sivdcreateopt.pvhandle point to the same memory and pscodecobj could be freed without clearing pscreateop-sivdcreateopt.pvhandle...

CVE-2017-13151

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456...

CVE-2017-0878

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 8.0. Android ID A-65186291...

CVE-2016-3706

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library aka glibc or libc6 allows remote attackers to cause a denial of service crash via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for...

CVE-2017-0876

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0. Android ID A-64964675...

CVE-2017-0872

A remote code execution vulnerability in the Android media framework libskia. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323...

CVE-2016-4429

Stack-based buffer overflow in the clntudpcall function in sunrpc/clntudp.c in the GNU C Library aka glibc or libc6 allows remote servers to cause a denial of service crash or possibly unspecified other impact via a flood of crafted ICMP and UDP packets...

CVE-2017-11043

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur...

CVE-2017-6211

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can occur...

CVE-2017-0877

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0. Android ID A-66372937...

CVE-2017-13160

A remote code execution vulnerability in the Android system bluetooth. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362...

CVE-2017-0835

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63316832...

CVE-2017-0841

A remote code execution vulnerability in the Android system libutils. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37723026...

CVE-2017-11013

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset in function UnpackCore is increased for each loop, while there is no boundary check against "pIe-arraybound"...

CVE-2017-0832

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820...

CVE-2017-11014

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur...

CVE-2017-0834

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953...

CVE-2017-0836

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64893226...

CVE-2017-0833

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62896384...

CVE-2017-11015

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIRMACAUTHCHALLENGELENGTH is set to 128 which may result in buffer overflow since the frame parser allows challenge text of length up to 253 bytes, but the drive...

CVE-2017-0811

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177...

CVE-2017-11053

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame...

CVE-2017-9714

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNIE is received from the client in assoc request...

CVE-2017-0810

A remote code execution vulnerability in the Android media framework libmpeg2. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066...

CVE-2017-0809

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128...

CVE-2017-11121

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205...

CVE-2017-0759

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36715268...

CVE-2017-0758

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492741...

CVE-2017-0760

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237396...

CVE-2017-0761

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381...

CVE-2017-0781

A remote code execution vulnerability in the Android system bluetooth. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105...

CVE-2017-0764

A remote code execution vulnerability in the Android media framework libvorbis. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872015...

CVE-2017-0763

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693...

CVE-2017-0756

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073...

CVE-2017-11041

In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another...

CVE-2017-0757

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815...

CVE-2017-0762

A remote code execution vulnerability in the Android media framework libhevc. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62214264...

CVE-2017-7065

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code on the Wi-Fi chip or cause a denial of service memory...

CVE-2017-0765

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872863...