Android@7.1.1 Security Vulnerabilities and Issues — Android@7.1.1 CVE List

Lucene search

GoogleAndroid7.1.1

271 matches found

CVE•added 2017/10/03 1:29 a.m.•785 views

CVE-2017-14496

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

7.8CVSS8.1AI score0.15737EPSS

CVE•added 2017/09/14 7:29 p.m.•517 views

CVE-2017-0781

A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105.

8.8CVSS8.2AI score0.48939EPSS

CVE•added 2017/09/14 7:29 p.m.•425 views

CVE-2017-0785

A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698.

6.5CVSS6.8AI score0.10944EPSS

CVE•added 2017/12/06 2:29 p.m.•288 views

CVE-2017-13156

An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847.

7.8CVSS7.4AI score0.66652EPSS

CVE•added 2017/09/14 7:29 p.m.•250 views

CVE-2017-0782

A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.

8.8CVSS8.2AI score0.45312EPSS

CVE•added 2017/09/14 7:29 p.m.•212 views

CVE-2017-0783

A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63145701.

6.5CVSS6.7AI score0.00108EPSS

CVE•added 2017/04/24 7:59 p.m.•146 views

CVE-2017-3544

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker wi...

4.3CVSS4.3AI score0.00261EPSS

CVE•added 2017/04/07 10:59 p.m.•145 views

CVE-2017-0553

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurati...

7.6CVSS6.6AI score0.00421EPSS

CVE•added 2017/06/14 1:29 p.m.•129 views

CVE-2017-0663

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Pro...

7.8CVSS7.4AI score0.017EPSS

CVE•added 2017/08/09 9:29 p.m.•83 views

CVE-2017-0737

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563942.

7.8CVSS7.4AI score0.00092EPSS

CVE•added 2017/09/08 8:29 p.m.•79 views

CVE-2017-0752

A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835.

9.3CVSS7.5AI score0.00031EPSS

CVE•added 2017/02/08 3:59 p.m.•69 views

CVE-2017-0412

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally a...

9.3CVSS7.2AI score0.0106EPSS

CVE•added 2017/02/08 3:59 p.m.•59 views

CVE-2017-0424

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it is a general bypass for a user level defense in depth or exploit mitigation technology in...

5.5CVSS5.2AI score0.00121EPSS

CVE•added 2017/03/08 1:59 a.m.•58 views

CVE-2017-0477

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Prod...

7.8CVSS7.6AI score0.00321EPSS

CVE•added 2017/01/12 8:59 p.m.•56 views

CVE-2017-0390

A denial of service vulnerability in Tremolo/dpen.s in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6...

7.1CVSS5.7AI score0.0017EPSS

CVE•added 2017/04/07 10:59 p.m.•55 views

CVE-2017-0540

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.7AI score0.00476EPSS

CVE•added 2017/09/08 8:29 p.m.•55 views

CVE-2017-0760

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237396.

9.3CVSS7.9AI score0.00248EPSS

CVE•added 2017/03/08 1:59 a.m.•54 views

CVE-2017-0467

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS

CVE•added 2017/10/04 1:29 a.m.•54 views

CVE-2017-0806

An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805.

9.3CVSS7.4AI score0.01494EPSS

CVE•added 2017/12/06 2:29 p.m.•54 views

CVE-2017-0870

An elevation of privilege vulnerability in the Android framework (libminikin). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807.

7.8CVSS7.5AI score0.00016EPSS

CVE•added 2017/02/08 3:59 p.m.•53 views

CVE-2017-0422

A denial of service vulnerability in Bionic DNS could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0...

7.8CVSS6.7AI score0.01038EPSS

CVE•added 2017/02/08 3:59 p.m.•53 views

CVE-2017-0443

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.6AI score0.00137EPSS

CVE•added 2017/06/14 1:29 p.m.•53 views

CVE-2017-0641

A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0,...

7.1CVSS5.1AI score0.02719EPSS

CVE•added 2017/02/08 3:59 p.m.•52 views

CVE-2017-0413

An information disclosure vulnerability in AOSP Messaging could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does no...

5.5CVSS5.2AI score0.00218EPSS

CVE•added 2017/04/07 10:59 p.m.•52 views

CVE-2017-0547

An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applica...

5.5CVSS5.3AI score0.00125EPSS

CVE•added 2017/09/08 8:29 p.m.•52 views

CVE-2017-0756

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.

9.3CVSS7.9AI score0.00164EPSS

CVE•added 2017/02/08 3:59 p.m.•51 views

CVE-2017-0421

An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application doe...

5.5CVSS5.2AI score0.00106EPSS

CVE•added 2017/08/09 9:29 p.m.•51 views

CVE-2017-0738

A information disclosure vulnerability in the Android media framework (audioserver). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563371.

5.5CVSS5.5AI score0.00063EPSS

CVE•added 2017/11/16 11:29 p.m.•51 views

CVE-2017-0842

An elevation of privilege vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37502513.

7.8CVSS7.4AI score0.00039EPSS

CVE•added 2017/02/08 3:59 p.m.•50 views

CVE-2017-0418

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.2AI score0.00136EPSS

CVE•added 2017/03/08 1:59 a.m.•50 views

CVE-2017-0475

An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the ope...

9.3CVSS7.2AI score0.00111EPSS

CVE•added 2017/07/06 8:29 p.m.•50 views

CVE-2017-0665

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414.

9.3CVSS7.4AI score0.00035EPSS

CVE•added 2017/07/06 8:29 p.m.•50 views

CVE-2017-0668

A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579.

5.5CVSS5.5AI score0.00063EPSS

CVE•added 2017/07/06 8:29 p.m.•50 views

CVE-2017-0695

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37094889.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/07/06 8:29 p.m.•50 views

CVE-2017-0699

A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809.

5.5CVSS5.5AI score0.00063EPSS

CVE•added 2017/08/09 9:29 p.m.•50 views

CVE-2017-0729

A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37710346.

7.8CVSS7.4AI score0.00053EPSS

CVE•added 2017/10/04 1:29 a.m.•50 views

CVE-2017-0807

An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.

10CVSS8AI score0.02479EPSS

CVE•added 2017/11/16 11:29 p.m.•50 views

CVE-2017-0839

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64478003.

7.5CVSS6.8AI score0.00145EPSS

CVE•added 2017/11/16 11:29 p.m.•50 views

CVE-2017-0841

A remote code execution vulnerability in the Android system (libutils). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37723026.

9.3CVSS7.7AI score0.00886EPSS

CVE•added 2017/02/08 3:59 p.m.•49 views

CVE-2017-0408

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product:...

7.8CVSS7.5AI score0.00977EPSS

CVE•added 2017/06/14 1:29 p.m.•49 views

CVE-2017-0637

9.3CVSS7.8AI score0.0084EPSS

CVE•added 2017/06/14 1:29 p.m.•49 views

CVE-2017-0646

An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, ...

5.5CVSS5.1AI score0.00109EPSS

CVE•added 2017/07/06 8:29 p.m.•49 views

CVE-2017-0693

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36993291.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/08/09 9:29 p.m.•49 views

CVE-2017-0733

A denial of service vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38391487.

5.5CVSS5.6AI score0.00044EPSS

CVE•added 2017/09/08 8:29 p.m.•49 views

CVE-2017-0763

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693.

9.3CVSS7.9AI score0.00212EPSS

CVE•added 2017/09/08 8:29 p.m.•49 views

CVE-2017-0768

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62019992.

9.3CVSS7.9AI score0.00035EPSS

CVE•added 2017/12/06 2:29 p.m.•49 views

CVE-2017-13148

A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533.

7.1CVSS6.6AI score0.00102EPSS

CVE•added 2017/02/08 3:59 p.m.•48 views

CVE-2017-0407

9.3CVSS7.6AI score0.01376EPSS

CVE•added 2017/02/08 3:59 p.m.•48 views

CVE-2017-0414

5.5CVSS4.9AI score0.00106EPSS

CVE•added 2017/02/08 3:59 p.m.•48 views

CVE-2017-0420

An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not hav...

5.5CVSS4.9AI score0.0016EPSS

Total number of security vulnerabilities271