Lucene search

K
GoogleAndroid7.1.0

304 matches found

CVE
CVE
added 2017/04/07 10:59 p.m.41 views

CVE-2017-0551

A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. A...

7.1CVSS5.7AI score0.00197EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.41 views

CVE-2017-0558

An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1,...

5.5CVSS5.2AI score0.00112EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.41 views

CVE-2017-0559

An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0...

5.5CVSS5.2AI score0.00109EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.41 views

CVE-2017-0727

A elevation of privilege vulnerability in the Android media framework (libgui). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-33004354.

7.8CVSS7.4AI score0.00041EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.41 views

CVE-2017-0732

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37504237.

7.8CVSS7.2AI score0.00053EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.41 views

CVE-2017-0771

A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37624243.

7.1CVSS5.9AI score0.00038EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.41 views

CVE-2017-0835

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63316832.

9.3CVSS7.7AI score0.0096EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.41 views

CVE-2017-18649

An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can boot a device with root privileges because the bootloader for the Qualcomm MSM8998 chipset lacks an integrity check of the system image, aka the "SamFAIL" issue. The Samsung ID is SVE-2017-10465 (November 2017).

7.2CVSS7AI score0.00058EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.41 views

CVE-2018-21050

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018).

10CVSS9.8AI score0.00231EPSS
CVE
CVE
added 2020/04/08 3:15 p.m.41 views

CVE-2018-21082

An issue was discovered on Samsung mobile devices with N(7.x) software. Dex Station allows App Pinning bypass and lock-screen bypass via the "Use screen lock type to unpin" option. The Samsung ID is SVE-2017-11106 (February 2018).

8.4CVSS8.3AI score0.00017EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.41 views

CVE-2019-20546

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom Wi-Fi chipsets) software. A denial-of-service attack can leverage a shared interface between Broadcom Bluetooth and Broadcom Wi-Fi. The Samsung ID is SVE-2019-15350 (November 2019).

6.5CVSS6.5AI score0.00031EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.41 views

CVE-2019-20593

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks Private Mode thumbnails. The Samsung ID is SVE-2019-14208 (July 2019).

5.3CVSS5.4AI score0.00091EPSS
CVE
CVE
added 2020/08/31 9:15 p.m.41 views

CVE-2020-25064

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 (August 2020).

7.5CVSS7.5AI score0.00092EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.40 views

CVE-2017-0383

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally a...

9.3CVSS7.7AI score0.00052EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.40 views

CVE-2017-0395

An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initi...

5.5CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.40 views

CVE-2017-0397

An information disclosure vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android....

5.5CVSS5.2AI score0.00091EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0483

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Andr...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0499

A denial of service vulnerability in Audioserver could enable a local malicious application to cause a device hang or reboot. This issue is rated as Low due to the possibility of a temporary denial of service. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32095713.

7.1CVSS5.2AI score0.00091EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.40 views

CVE-2017-0543

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaser...

9.3CVSS7.7AI score0.00286EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.40 views

CVE-2017-0590

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.40 views

CVE-2017-0599

A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, ...

7.1CVSS5.4AI score0.00194EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.40 views

CVE-2017-0601

An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via bluetooth without user permission. This issue is rated as Moderate due to local bypass of user interaction requirements. Product: Android. Versions: 7.0, 7....

5.5CVSS5.2AI score0.00036EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.40 views

CVE-2017-0713

A remote code execution vulnerability in the Android libraries (sfntly). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-32096780.

7.8CVSS7.7AI score0.0028EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.40 views

CVE-2017-0716

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37203196.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.40 views

CVE-2017-0758

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492741.

9.3CVSS7.9AI score0.00248EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.40 views

CVE-2017-0772

A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38115076.

7.1CVSS5.9AI score0.00038EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.40 views

CVE-2017-0811

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177.

9.3CVSS7.7AI score0.00996EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.40 views

CVE-2017-0814

An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62800140.

7.8CVSS6.8AI score0.00834EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.40 views

CVE-2017-0816

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63662938.

5.5CVSS5AI score0.00154EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.40 views

CVE-2017-0830

An elevation of privilege vulnerability in the Android framework (device policy client). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62623498.

9.3CVSS7.4AI score0.00081EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.40 views

CVE-2017-18650

An issue was discovered on Samsung mobile devices with N(7.x) software. There is a WifiStateMachine IllegalArgumentException and reboot if a malformed wpa_supplicant.conf is read. The Samsung ID is SVE-2017-9828 (October 2017).

7.5CVSS7.6AI score0.00113EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.40 views

CVE-2017-18655

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 (August 2017).

9.8CVSS9.8AI score0.00159EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.40 views

CVE-2018-21072

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018).

10CVSS9.6AI score0.00195EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.40 views

CVE-2018-21075

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. The Call+ application can load classes from an unintended path, leading to Code Execution. The Samsung ID is SVE-2017-10886 (April 2018).

9.8CVSS9.4AI score0.00187EPSS
CVE
CVE
added 2020/04/08 2:15 p.m.40 views

CVE-2018-21089

An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018).

10CVSS9.8AI score0.00195EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.40 views

CVE-2019-20607

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Sa...

10CVSS9.8AI score0.00231EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.39 views

CVE-2017-0400

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permissio...

5.5CVSS5.2AI score0.00154EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.39 views

CVE-2017-0480

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.2AI score0.00069EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.39 views

CVE-2017-0485

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3338...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.39 views

CVE-2017-0587

A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Medias...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.39 views

CVE-2017-0728

A denial of service vulnerability in the Android media framework (hevc decoder). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37469795.

7.8CVSS7AI score0.0005EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.39 views

CVE-2017-0755

A elevation of privilege vulnerability in the Android libraries (libminikin). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-32178311.

9.3CVSS8AI score0.00035EPSS
CVE
CVE
added 2020/04/08 2:15 p.m.39 views

CVE-2017-18645

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) (Qualcomm chipsets) software. There is a panel_lpm sysfs stack-based buffer overflow. The Samsung ID is SVE-2017-9414 (December 2017).

9.8CVSS9.5AI score0.00159EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.39 views

CVE-2017-18648

An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 (November 2017).

9.1CVSS8.9AI score0.0012EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.39 views

CVE-2017-18663

An issue was discovered on Samsung mobile devices with N(7.x) software. Because of missing Intent exception handling, system_server can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 (July 2017).

7.5CVSS7.6AI score0.00113EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.39 views

CVE-2017-18671

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 (May 2017).

7.5CVSS7.5AI score0.00113EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.39 views

CVE-2018-21054

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer ove...

9.8CVSS9.7AI score0.00159EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.39 views

CVE-2019-20557

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via a SIM card by blocking the PUK code. The Samsung ID is SVE-2019-15262 (October 2019).

4.6CVSS4.8AI score0.00019EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.38 views

CVE-2017-0389

A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID:...

7.8CVSS7.1AI score0.0034EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.38 views

CVE-2017-0425

An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6...

5.5CVSS4.9AI score0.00166EPSS
Total number of security vulnerabilities304