Android@5.1.1 Security Vulnerabilities and Issues — Page 3 of Android@5.1.1 CVE List

Lucene search

GoogleAndroid5.1.1

266 matches found

CVE•added 2017/11/16 11:29 p.m.•45 views

CVE-2017-0845

A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35028827.

7.5CVSS7.1AI score0.00124EPSS

CVE•added 2018/01/12 11:29 p.m.•45 views

CVE-2017-0855

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed...

7.8CVSS7.4AI score0.02288EPSS

CVE•added 2020/04/08 3:15 p.m.•45 views

CVE-2018-21087

An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).

9.8CVSS9.7AI score0.00159EPSS

CVE•added 2016/03/12 9:59 p.m.•44 views

CVE-2016-0829

The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows attackers to obtain sensitive information, and con...

7.5CVSS7.3AI score0.00202EPSS

CVE•added 2017/01/12 8:59 p.m.•44 views

CVE-2017-0382

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the...

7.8CVSS8.1AI score0.0028EPSS

CVE•added 2017/01/12 8:59 p.m.•44 views

CVE-2017-0385

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.7AI score0.00052EPSS

CVE•added 2017/01/12 8:59 p.m.•44 views

CVE-2017-0392

A denial of service vulnerability in VBRISeeker.cpp in libstagefright in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5....

7.1CVSS5.7AI score0.0017EPSS

CVE•added 2017/02/08 3:59 p.m.•44 views

CVE-2017-0410

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally a...

9.3CVSS7.2AI score0.00144EPSS

CVE•added 2017/02/08 3:59 p.m.•44 views

CVE-2017-0416

9.3CVSS7.2AI score0.00136EPSS

CVE•added 2017/05/12 3:29 p.m.•44 views

CVE-2017-0602

An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4....

5.5CVSS5.1AI score0.00063EPSS

CVE•added 2017/05/12 3:29 p.m.•44 views

CVE-2017-0603

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6...

5.4CVSS4.9AI score0.00066EPSS

CVE•added 2017/08/09 9:29 p.m.•44 views

CVE-2017-0720

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213.

9.3CVSS7.7AI score0.00248EPSS

CVE•added 2017/08/09 9:29 p.m.•44 views

CVE-2017-0745

A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296.

9.3CVSS7.7AI score0.00308EPSS

CVE•added 2017/09/08 8:29 p.m.•44 views

CVE-2017-0777

A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-38342499.

5.5CVSS5.8AI score0.00051EPSS

CVE•added 2017/09/08 8:29 p.m.•44 views

CVE-2017-0779

A information disclosure vulnerability in the Android media framework (audioflinger). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38340117.

5.5CVSS5.8AI score0.00063EPSS

CVE•added 2017/10/04 1:29 a.m.•44 views

CVE-2017-0817

An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430.

7.5CVSS6.8AI score0.00233EPSS

CVE•added 2017/12/06 2:29 p.m.•44 views

CVE-2017-13149

An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872.

9.1CVSS8.2AI score0.00122EPSS

CVE•added 2018/04/04 5:29 p.m.•44 views

CVE-2017-13256

In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1...

8.8CVSS8.5AI score0.00301EPSS

CVE•added 2018/04/04 5:29 p.m.•44 views

CVE-2017-13269

A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68818034.

4.3CVSS4.2AI score0.00029EPSS

CVE•added 2016/02/07 1:59 a.m.•43 views

CVE-2016-0806

The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453.

8.4CVSS8AI score0.00015EPSS

CVE•added 2017/01/12 3:59 p.m.•43 views

CVE-2016-6772

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: 5.0.2, 5.1.1, 6....

9.3CVSS7.1AI score0.01435EPSS

CVE•added 2017/02/08 3:59 p.m.•43 views

CVE-2017-0419

9.3CVSS7.2AI score0.00136EPSS

CVE•added 2017/02/08 3:59 p.m.•43 views

CVE-2017-0423

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as Moderate because it first requires exploitation of a separate vulnerability in the Bluetooth stack. Product: Android. Versions: 5.0.2, 5.1.1, 6....

5.3CVSS5.3AI score0.00084EPSS

CVE•added 2017/07/06 8:29 p.m.•43 views

CVE-2017-0666

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.

9.3CVSS7.4AI score0.00035EPSS

CVE•added 2017/07/06 8:29 p.m.•43 views

CVE-2017-0690

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202.

5.5CVSS5.6AI score0.0005EPSS

CVE•added 2017/08/09 9:29 p.m.•43 views

CVE-2017-0731

A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36075363.

7.8CVSS7.4AI score0.00053EPSS

CVE•added 2017/08/09 9:29 p.m.•43 views

CVE-2017-0739

A information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37712181.

5.5CVSS5.5AI score0.00096EPSS

CVE•added 2017/09/08 8:29 p.m.•43 views

CVE-2017-0775

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673179.

7.1CVSS5.9AI score0.00038EPSS

CVE•added 2017/09/08 8:29 p.m.•43 views

CVE-2017-0778

A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-62133227.

7.8CVSS6.8AI score0.00064EPSS

CVE•added 2017/09/08 8:29 p.m.•43 views

CVE-2017-0784

A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958.

8.8CVSS8.6AI score0.0006EPSS

CVE•added 2017/10/04 1:29 a.m.•43 views

CVE-2017-0820

A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187433.

7.8CVSS7.2AI score0.00599EPSS

CVE•added 2017/11/16 11:29 p.m.•43 views

CVE-2017-0840

An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62948670.

7.5CVSS6.8AI score0.00145EPSS

CVE•added 2017/11/16 11:29 p.m.•43 views

CVE-2017-0860

An elevation of privilege vulnerability in the Android system (inputdispatcher). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-31097064.

5.3CVSS5.8AI score0.00016EPSS

CVE•added 2018/04/04 5:29 p.m.•43 views

CVE-2017-13258

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7....

7.5CVSS6.8AI score0.17014EPSS

CVE•added 2016/01/06 7:59 p.m.•42 views

CVE-2015-6638

The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908.

9.3CVSS7.6AI score0.00043EPSS

CVE•added 2016/03/12 9:59 p.m.•42 views

CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to spoo...

5.9CVSS5.6AI score0.00058EPSS

CVE•added 2017/01/12 3:59 p.m.•42 views

CVE-2016-6763

A denial of service vulnerability in Telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of local permanent denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, ...

7.1CVSS5.3AI score0.00049EPSS

CVE•added 2017/01/13 4:59 p.m.•42 views

CVE-2017-0398

An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6...

5.5CVSS5.3AI score0.00071EPSS

CVE•added 2017/01/12 8:59 p.m.•42 views

CVE-2017-0402

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permissio...

5.5CVSS5.2AI score0.00112EPSS

CVE•added 2017/03/08 1:59 a.m.•42 views

CVE-2017-0481

An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-par...

9.3CVSS7.2AI score0.0006EPSS

CVE•added 2017/05/12 3:29 p.m.•42 views

CVE-2017-0589

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.6AI score0.00272EPSS

CVE•added 2017/05/12 3:29 p.m.•42 views

CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution withi...

9.3CVSS7.6AI score0.00272EPSS

CVE•added 2017/05/12 3:29 p.m.•42 views

CVE-2017-0596

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

9.3CVSS7.2AI score0.00067EPSS

CVE•added 2017/07/06 8:29 p.m.•42 views

CVE-2017-0694

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37093318.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/07/06 8:29 p.m.•42 views

CVE-2017-0697

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37239013.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/08/09 9:29 p.m.•42 views

CVE-2017-0712

A elevation of privilege vulnerability in the Android framework (wi-fi service). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37207928.

7.8CVSS7.4AI score0.00053EPSS

CVE•added 2017/09/08 8:29 p.m.•42 views

CVE-2017-0767

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.

9.3CVSS7.9AI score0.00035EPSS

CVE•added 2017/09/08 8:29 p.m.•42 views

CVE-2017-0773

A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37615911.

7.1CVSS5.9AI score0.00038EPSS

CVE•added 2017/09/08 8:29 p.m.•42 views

CVE-2017-0774

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.

7.1CVSS5.9AI score0.00038EPSS

CVE•added 2017/10/04 1:29 a.m.•42 views

CVE-2017-0815

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567.

5.5CVSS5AI score0.00154EPSS

Total number of security vulnerabilities266