Lucene search

K
GoogleAndroid7.1.0

304 matches found

CVE
CVE
added 2017/03/08 1:59 a.m.38 views

CVE-2017-0487

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3375...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.38 views

CVE-2017-0489

An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. This issue is rated as Moderate because it could be used to generate inaccurate data. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0...

5.5CVSS5.5AI score0.00107EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.38 views

CVE-2017-0490

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android. Ver...

5.5CVSS5.4AI score0.00095EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.38 views

CVE-2017-0556

An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1...

5.5CVSS5.2AI score0.00125EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.38 views

CVE-2017-0560

An information disclosure vulnerability in the factory reset process could enable a local malicious attacker to access data from the previous owner. This issue is rated as Moderate due to the possibility of bypassing device protection. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7....

5.5CVSS5.3AI score0.00109EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.38 views

CVE-2017-0726

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36389123.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.38 views

CVE-2017-0736

A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38487564.

7.1CVSS5.6AI score0.00038EPSS
CVE
CVE
added 2017/08/24 12:29 a.m.38 views

CVE-2017-0805

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237701.

9.3CVSS7.3AI score0.00088EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.38 views

CVE-2017-0823

An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655.

7.5CVSS6.8AI score0.00282EPSS
CVE
CVE
added 2020/04/08 2:15 p.m.38 views

CVE-2017-18644

An issue was discovered on Samsung mobile devices with L(5.1), M(6.x), and N(7.x) software. There is a muic_set_reg_sel heap-based buffer overflow during the reading of MUIC register values. The Samsung ID is SVE-2017-10011 (December 2017).

9.8CVSS9.7AI score0.00199EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.38 views

CVE-2017-18657

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 (August 2017).

5.3CVSS5.5AI score0.00092EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.38 views

CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017).

5.3CVSS5.3AI score0.0011EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.38 views

CVE-2017-18666

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 (June 2017).

7.5CVSS7.6AI score0.00081EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.38 views

CVE-2018-21049

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 (November 2018).

10CVSS9.3AI score0.0017EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.38 views

CVE-2018-21053

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is Clipboard access in the lockscreen state via a physical keyboard. The Samsung ID is SVE-2018-12684 (October 2018).

4.6CVSS4.7AI score0.0002EPSS
CVE
CVE
added 2020/04/08 2:15 p.m.38 views

CVE-2018-21091

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. Telecom has a System Crash via abnormal exception handling. The Samsung ID is SVE-2017-10906 (January 2018).

7.8CVSS7.6AI score0.00125EPSS
CVE
CVE
added 2020/03/24 6:15 p.m.38 views

CVE-2019-20533

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (released in China or India) software. The S Secure app can launch masked apps without a password. The Samsung ID is SVE-2019-13996 (December 2019).

3.3CVSS4.3AI score0.00017EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.38 views

CVE-2019-20596

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is information disclosure in the GateKeeper Trustlet. The Samsung ID is SVE-2019-13958 (June 2019).

9.1CVSS8.7AI score0.00147EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.38 views

CVE-2019-20611

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) (Exynos chipsets) software. A baseband stack overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-13963 (April 2019).

10CVSS9.8AI score0.00231EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0468

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0478

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the...

7.8CVSS7.5AI score0.06463EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0486

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3362...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0497

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33300701.

5.4CVSS4.9AI score0.00147EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.37 views

CVE-2017-0545

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.7AI score0.00084EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.37 views

CVE-2017-0588

A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the ...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.37 views

CVE-2017-0593

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product...

9.3CVSS6.9AI score0.00024EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.37 views

CVE-2017-0723

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37968755.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.37 views

CVE-2017-0735

A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38239864.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.37 views

CVE-2017-0753

A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744.

9.3CVSS8.3AI score0.00212EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.37 views

CVE-2017-0808

An information disclosure vulnerability in the Android framework (file system). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62301183.

7.5CVSS6.8AI score0.00161EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.37 views

CVE-2017-0813

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36531046.

7.5CVSS6.9AI score0.00376EPSS
CVE
CVE
added 2020/04/08 1:15 p.m.37 views

CVE-2017-18646

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. An attacker can bypass the password requirement for tablet user switching by folding the magnetic cover. The Samsung ID is SVE-2017-10602 (December 2017).

4.6CVSS5AI score0.00018EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.37 views

CVE-2017-18662

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Data outside of the rkp log buffer boundary is read, causing an information leak. The Samsung ID is SVE-2017-9109 (July 2017).

7.5CVSS7.6AI score0.00123EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.37 views

CVE-2017-18669

An issue was discovered on Samsung mobile devices with N(7.x) software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 (June 2017).

7.5CVSS7.6AI score0.00081EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.37 views

CVE-2017-18672

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framework.jar. The Samsung ID is SVE-2017-8390 (May 2017).

5.5CVSS5.5AI score0.00015EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.37 views

CVE-2017-18673

An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can disable the Location service on a locked device, making it impossible for the rightful owner to find a stolen device. The Samsung ID is SVE-2017-8524 (May 2017).

2.4CVSS4.1AI score0.00019EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.37 views

CVE-2017-18678

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-20...

7.5CVSS7.5AI score0.00113EPSS
CVE
CVE
added 2020/04/08 5:15 p.m.37 views

CVE-2018-21038

An issue was discovered on Samsung mobile devices with N(7.x) software. The Secure Folder app's startup logic allows authentication bypass. The Samsung ID is SVE-2018-11628 (December 2018).

9.8CVSS9.5AI score0.00156EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.37 views

CVE-2018-21076

An issue was discovered on Samsung mobile devices with N(7.x) (Exynos8890/8895 chipsets) software. There is information disclosure (a KASLR offset) in the Secure Driver via a modified trustlet. The Samsung ID is SVE-2017-10987 (April 2018).

5.5CVSS5.3AI score0.00019EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.37 views

CVE-2018-21077

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018).

2.4CVSS4.1AI score0.00018EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.37 views

CVE-2018-21078

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-20...

7.5CVSS7.5AI score0.00092EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.37 views

CVE-2019-20549

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. A heap out-of-bounds access can occur during LE Packet reception in Broadcom Bluetooth. The Samsung ID is SVE-2019-15724 (November 2019).

9.8CVSS9.4AI score0.00147EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.37 views

CVE-2019-20551

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via a Class 0 Type Message. The Samsung ID is SVE-2019-14941 (October 2019).

7.5CVSS7.5AI score0.00092EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.37 views

CVE-2019-20558

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 (October 2019).

9.8CVSS9.4AI score0.00159EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.36 views

CVE-2017-0488

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3409...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.36 views

CVE-2017-0539

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.7AI score0.00286EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.36 views

CVE-2017-0546

An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally acces...

9.3CVSS7.7AI score0.00084EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.36 views

CVE-2017-0600

A remote denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1...

7.1CVSS5.4AI score0.00111EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.36 views

CVE-2017-18660

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in tlc_server. The Samsung ID is SVE-2017-8888 (July 2017).

9.8CVSS9.7AI score0.00159EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.36 views

CVE-2017-18661

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017).

9.8CVSS9.7AI score0.00159EPSS
Total number of security vulnerabilities304