Lucene search

K
GoogleAndroid7.1.0

304 matches found

CVE
CVE
added 2017/11/16 11:29 p.m.44 views

CVE-2017-0832

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820.

9.3CVSS7.7AI score0.01003EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.44 views

CVE-2017-18651

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017).

7.5CVSS7.5AI score0.00113EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.44 views

CVE-2017-18653

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017).

4.3CVSS4.7AI score0.00088EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.43 views

CVE-2017-0388

An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate applicati...

5.5CVSS5.9AI score0.00019EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.43 views

CVE-2017-0405

A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger ...

9.3CVSS7.6AI score0.01376EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.43 views

CVE-2017-0409

A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. ...

7.8CVSS7.5AI score0.01059EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.43 views

CVE-2017-0411

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally a...

9.3CVSS7.2AI score0.03671EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.43 views

CVE-2017-0419

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.2AI score0.00136EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.43 views

CVE-2017-0423

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as Moderate because it first requires exploitation of a separate vulnerability in the Bluetooth stack. Product: Android. Versions: 5.0.2, 5.1.1, 6....

5.3CVSS5.3AI score0.00084EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.43 views

CVE-2017-0472

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.43 views

CVE-2017-0719

A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673.

9.3CVSS7.7AI score0.00308EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.43 views

CVE-2017-0724

A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36819262.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.43 views

CVE-2017-0731

A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36075363.

7.8CVSS7.4AI score0.00053EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.43 views

CVE-2017-0739

A information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37712181.

5.5CVSS5.5AI score0.00096EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.43 views

CVE-2017-0775

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673179.

7.1CVSS5.9AI score0.00038EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.43 views

CVE-2017-0778

A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-62133227.

7.8CVSS6.8AI score0.00064EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.43 views

CVE-2017-0784

A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958.

8.8CVSS8.6AI score0.0006EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.43 views

CVE-2017-0822

An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.

9.8CVSS8.4AI score0.00134EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.43 views

CVE-2017-0834

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953.

9.3CVSS7.7AI score0.0096EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.43 views

CVE-2017-18652

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. SVoice allows arbitrary code execution by changing dynamic libraries. The Samsung ID is SVE-2017-9299 (September 2017).

9.8CVSS9.7AI score0.00315EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.43 views

CVE-2018-21052

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018).

10CVSS9.6AI score0.00195EPSS
CVE
CVE
added 2017/01/13 4:59 p.m.42 views

CVE-2017-0398

An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6...

5.5CVSS5.3AI score0.00071EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.42 views

CVE-2017-0481

An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-par...

9.3CVSS7.2AI score0.0006EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.42 views

CVE-2017-0555

An information disclosure vulnerability in libavc in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1...

5.5CVSS5.2AI score0.00125EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.42 views

CVE-2017-0557

An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1...

5.5CVSS5.2AI score0.00112EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.42 views

CVE-2017-0589

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.42 views

CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution withi...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.42 views

CVE-2017-0596

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

9.3CVSS7.2AI score0.00067EPSS
CVE
CVE
added 2017/08/18 5:29 p.m.42 views

CVE-2017-0687

A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35583675.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.42 views

CVE-2017-0712

A elevation of privilege vulnerability in the Android framework (wi-fi service). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37207928.

7.8CVSS7.4AI score0.00053EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.42 views

CVE-2017-0725

A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194.

5.5CVSS5.6AI score0.00039EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.42 views

CVE-2017-0730

A denial of service vulnerability in the Android media framework (h264 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36279112.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.42 views

CVE-2017-0767

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.

9.3CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.42 views

CVE-2017-0773

A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37615911.

7.1CVSS5.9AI score0.00038EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.42 views

CVE-2017-0774

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.

7.1CVSS5.9AI score0.00038EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0810

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066.

9.3CVSS7.7AI score0.00908EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0812

An elevation of privilege vulnerability in the Android media framework (audio hal). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62873231.

9.3CVSS7.3AI score0.00048EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.42 views

CVE-2017-0815

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567.

5.5CVSS5AI score0.00154EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.42 views

CVE-2017-0833

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62896384.

9.3CVSS7.7AI score0.0096EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.42 views

CVE-2019-20610

An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019).

9.3CVSS8.2AI score0.00151EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.41 views

CVE-2017-0387

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.7AI score0.00052EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.41 views

CVE-2017-0391

A denial of service vulnerability in decoder/ihevcd_decode.c in libhevc in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6....

7.1CVSS6.1AI score0.00173EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0469

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0474

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.02868EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0476

A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of an unprivileged process...

7.8CVSS7.5AI score0.00321EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0479

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.2AI score0.00064EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0491

An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: An...

5.5CVSS5.4AI score0.00072EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0495

An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1...

5.5CVSS4.9AI score0.00125EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.41 views

CVE-2017-0538

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaser...

9.3CVSS7.7AI score0.00264EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.41 views

CVE-2017-0544

An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. This issue is rated as High because it is a local arbitrary code execution in a privileged process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. An...

9.3CVSS7.8AI score0.00067EPSS
Total number of security vulnerabilities304