Android@7.1.0 Security Vulnerabilities and Issues — Page 3 of Android@7.1.0 CVE List

Lucene search

GoogleAndroid7.1.0

304 matches found

CVE•added 2017/03/08 1:59 a.m.•44 views

CVE-2017-0470

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS

CVE•added 2017/03/08 1:59 a.m.•44 views

CVE-2017-0473

9.3CVSS7.6AI score0.00316EPSS

CVE•added 2017/03/08 1:59 a.m.•44 views

CVE-2017-0494

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6....

5.5CVSS5.1AI score0.00205EPSS

CVE•added 2017/05/12 3:29 p.m.•44 views

CVE-2017-0591

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaser...

9.3CVSS7.6AI score0.00272EPSS

CVE•added 2017/05/12 3:29 p.m.•44 views

CVE-2017-0602

An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4....

5.5CVSS5.1AI score0.00063EPSS

CVE•added 2017/05/12 3:29 p.m.•44 views

CVE-2017-0603

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6...

5.4CVSS4.9AI score0.00066EPSS

CVE•added 2017/09/08 8:29 p.m.•44 views

CVE-2017-0757

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815.

9.3CVSS7.9AI score0.00212EPSS

CVE•added 2017/09/08 8:29 p.m.•44 views

CVE-2017-0779

A information disclosure vulnerability in the Android media framework (audioflinger). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38340117.

5.5CVSS5.8AI score0.00063EPSS

CVE•added 2017/10/04 1:29 a.m.•44 views

CVE-2017-0817

An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430.

7.5CVSS6.8AI score0.00233EPSS

CVE•added 2017/10/04 1:29 a.m.•44 views

CVE-2017-0822

An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.

9.8CVSS8.4AI score0.00134EPSS

CVE•added 2017/11/16 11:29 p.m.•44 views

CVE-2017-0832

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820.

9.3CVSS7.7AI score0.01003EPSS

CVE•added 2017/11/16 11:29 p.m.•44 views

CVE-2017-0834

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953.

9.3CVSS7.7AI score0.0096EPSS

CVE•added 2020/04/07 4:15 p.m.•44 views

CVE-2017-18651

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017).

7.5CVSS7.5AI score0.00113EPSS

CVE•added 2020/04/07 4:15 p.m.•44 views

CVE-2017-18653

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017).

4.3CVSS4.7AI score0.00088EPSS

CVE•added 2017/01/12 8:59 p.m.•43 views

CVE-2017-0388

An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate applicati...

5.5CVSS5.9AI score0.00019EPSS

CVE•added 2017/02/08 3:59 p.m.•43 views

CVE-2017-0405

A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger ...

9.3CVSS7.6AI score0.01376EPSS

CVE•added 2017/02/08 3:59 p.m.•43 views

CVE-2017-0409

A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. ...

7.8CVSS7.5AI score0.01059EPSS

CVE•added 2017/02/08 3:59 p.m.•43 views

CVE-2017-0423

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as Moderate because it first requires exploitation of a separate vulnerability in the Bluetooth stack. Product: Android. Versions: 5.0.2, 5.1.1, 6....

5.3CVSS5.3AI score0.00084EPSS

CVE•added 2017/03/08 1:59 a.m.•43 views

CVE-2017-0472

9.3CVSS7.6AI score0.00316EPSS

CVE•added 2017/08/09 9:29 p.m.•43 views

CVE-2017-0712

A elevation of privilege vulnerability in the Android framework (wi-fi service). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37207928.

7.8CVSS7.4AI score0.00053EPSS

CVE•added 2017/08/09 9:29 p.m.•43 views

CVE-2017-0724

A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36819262.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/08/09 9:29 p.m.•43 views

CVE-2017-0725

A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194.

5.5CVSS5.6AI score0.00039EPSS

CVE•added 2017/08/09 9:29 p.m.•43 views

CVE-2017-0731

A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36075363.

7.8CVSS7.4AI score0.00053EPSS

CVE•added 2017/08/09 9:29 p.m.•43 views

CVE-2017-0739

A information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37712181.

5.5CVSS5.5AI score0.00096EPSS

CVE•added 2017/09/08 8:29 p.m.•43 views

CVE-2017-0775

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673179.

7.1CVSS5.9AI score0.00038EPSS

CVE•added 2017/09/08 8:29 p.m.•43 views

CVE-2017-0784

A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958.

8.8CVSS8.6AI score0.0006EPSS

CVE•added 2017/10/04 1:29 a.m.•43 views

CVE-2017-0815

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567.

5.5CVSS5AI score0.00154EPSS

CVE•added 2020/04/07 4:15 p.m.•43 views

CVE-2017-18652

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. SVoice allows arbitrary code execution by changing dynamic libraries. The Samsung ID is SVE-2017-9299 (September 2017).

9.8CVSS9.7AI score0.00315EPSS

CVE•added 2020/04/08 6:15 p.m.•43 views

CVE-2018-21052

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018).

10CVSS9.6AI score0.00195EPSS

CVE•added 2017/01/13 4:59 p.m.•42 views

CVE-2017-0398

An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6...

5.5CVSS5.3AI score0.00071EPSS

CVE•added 2017/03/08 1:59 a.m.•42 views

CVE-2017-0481

An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-par...

9.3CVSS7.2AI score0.0006EPSS

CVE•added 2017/04/07 10:59 p.m.•42 views

CVE-2017-0555

An information disclosure vulnerability in libavc in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1...

5.5CVSS5.2AI score0.00125EPSS

CVE•added 2017/04/07 10:59 p.m.•42 views

CVE-2017-0557

An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1...

5.5CVSS5.2AI score0.00112EPSS

CVE•added 2017/05/12 3:29 p.m.•42 views

CVE-2017-0589

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.6AI score0.00272EPSS

CVE•added 2017/05/12 3:29 p.m.•42 views

CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution withi...

9.3CVSS7.6AI score0.00272EPSS

CVE•added 2017/05/12 3:29 p.m.•42 views

CVE-2017-0596

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

9.3CVSS7.2AI score0.00067EPSS

CVE•added 2017/08/18 5:29 p.m.•42 views

CVE-2017-0687

A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35583675.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/08/09 9:29 p.m.•42 views

CVE-2017-0730

A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36279112.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/09/08 8:29 p.m.•42 views

CVE-2017-0767

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.

9.3CVSS7.9AI score0.00035EPSS

CVE•added 2017/09/08 8:29 p.m.•42 views

CVE-2017-0771

A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37624243.

7.1CVSS5.9AI score0.00038EPSS

CVE•added 2017/09/08 8:29 p.m.•42 views

CVE-2017-0773

A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37615911.

7.1CVSS5.9AI score0.00038EPSS

CVE•added 2017/09/08 8:29 p.m.•42 views

CVE-2017-0774

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.

7.1CVSS5.9AI score0.00038EPSS

CVE•added 2017/10/04 1:29 a.m.•42 views

CVE-2017-0810

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066.

9.3CVSS7.7AI score0.00436EPSS

CVE•added 2017/10/04 1:29 a.m.•42 views

CVE-2017-0812

An elevation of privilege vulnerability in the Android media framework (audio hal). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231.

9.3CVSS7.3AI score0.00134EPSS

CVE•added 2017/11/16 11:29 p.m.•42 views

CVE-2017-0833

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62896384.

9.3CVSS7.7AI score0.0096EPSS

CVE•added 2020/03/24 8:15 p.m.•42 views

CVE-2019-20610

An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019).

9.3CVSS8.2AI score0.00151EPSS

CVE•added 2017/01/12 8:59 p.m.•41 views

CVE-2017-0387

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.7AI score0.00052EPSS

CVE•added 2017/01/12 8:59 p.m.•41 views

CVE-2017-0391

A denial of service vulnerability in decoder/ihevcd_decode.c in libhevc in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6....

7.1CVSS6.1AI score0.00173EPSS

CVE•added 2017/01/12 8:59 p.m.•41 views

CVE-2017-0395

An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initi...

5.5CVSS5.8AI score0.00047EPSS

CVE•added 2017/03/08 1:59 a.m.•41 views

CVE-2017-0469

9.3CVSS7.6AI score0.00316EPSS

Total number of security vulnerabilities304