Lucene search

K
GoogleAndroid7.1.2

612 matches found

CVE
CVE
added 2019/05/08 5:29 p.m.53 views

CVE-2019-2046

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android ...

10CVSS9.3AI score0.01182EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.52 views

CVE-2017-0756

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.

9.3CVSS7.9AI score0.00164EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.52 views

CVE-2017-13208

In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Pr...

10CVSS9.2AI score0.16408EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.52 views

CVE-2017-13262

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing length decrement operation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, ...

6.5CVSS6.1AI score0.13964EPSS
CVE
CVE
added 2024/11/20 6:15 p.m.52 views

CVE-2018-9470

In bff_Scanner_addOutPos of Scanner.c, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is needed for exploitation.

8.8CVSS7.2AI score0.00156EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.51 views

CVE-2017-0738

A information disclosure vulnerability in the Android media framework (audioserver). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563371.

5.5CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.51 views

CVE-2017-0842

An elevation of privilege vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37502513.

7.8CVSS7.4AI score0.00039EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.51 views

CVE-2017-13176

In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction requirements with no additional execution privileges needed. User interaction is needed for exploitatio...

9.3CVSS8.2AI score0.00726EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.51 views

CVE-2017-13179

In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_handle point to the same memory and ps_codec_obj could be freed without clearing ps_create_op->...

10CVSS9.2AI score0.03598EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.51 views

CVE-2017-13266

In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7....

10CVSS8.9AI score0.01322EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.51 views

CVE-2017-13277

In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7...

9.3CVSS7.9AI score0.00722EPSS
CVE
CVE
added 2024/11/28 12:15 a.m.51 views

CVE-2018-9374

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS9AI score0.00007EPSS
CVE
CVE
added 2025/01/28 5:15 p.m.51 views

CVE-2018-9378

In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

6.2CVSS6AI score0.00019EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.51 views

CVE-2019-2106

In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

9.3CVSS8.8AI score0.0037EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.50 views

CVE-2017-0665

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414.

9.3CVSS7.4AI score0.00035EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.50 views

CVE-2017-0668

A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579.

5.5CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.50 views

CVE-2017-0695

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37094889.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.50 views

CVE-2017-0699

A information disclosure vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36490809.

5.5CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.50 views

CVE-2017-0729

A elevation of privilege vulnerability in the Android media framework (mediadrmserver). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37710346.

7.8CVSS7.4AI score0.00053EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.50 views

CVE-2017-0807

An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.

10CVSS8AI score0.02479EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.50 views

CVE-2017-0839

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64478003.

7.5CVSS6.8AI score0.00145EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.50 views

CVE-2017-0841

A remote code execution vulnerability in the Android system (libutils). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37723026.

9.3CVSS7.7AI score0.00886EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.50 views

CVE-2017-13287

In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation. This could lead to local escalation of privilege if mPayload in writeToParcel were null, with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.6AI score0.00034EPSS
CVE
CVE
added 2019/05/08 5:29 p.m.50 views

CVE-2019-2051

In heap of spaces.h, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure when processing a proxy auto config file with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android V...

7.8CVSS7AI score0.00396EPSS
CVE
CVE
added 2021/04/06 8:15 a.m.50 views

CVE-2021-30162

An issue was discovered on LG mobile devices with Android OS 4.4 through 11 software. Attackers can leverage ISMS services to bypass access control on specific content providers. The LG ID is LVE-SMP-210003 (April 2021).

7.1CVSS6.9AI score0.00017EPSS
CVE
CVE
added 2017/06/14 1:29 p.m.49 views

CVE-2017-0637

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

9.3CVSS7.8AI score0.0084EPSS
CVE
CVE
added 2017/06/14 1:29 p.m.49 views

CVE-2017-0646

An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, ...

5.5CVSS5.1AI score0.00109EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.49 views

CVE-2017-0693

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36993291.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.49 views

CVE-2017-0708

A information disclosure vulnerability in the HTC sound driver. Product: Android. Versions: Android kernel. Android ID: A-35384879.

5.5CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.49 views

CVE-2017-0733

A denial of service vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38391487.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.49 views

CVE-2017-0763

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693.

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.49 views

CVE-2017-0768

A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62019992.

9.3CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.49 views

CVE-2017-0792

A information disclosure vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37305578. References: B-V2017052301.

6.5CVSS6.4AI score0.0005EPSS
CVE
CVE
added 2017/12/06 2:29 p.m.49 views

CVE-2017-13148

A denial of service vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65717533.

7.1CVSS6.6AI score0.00102EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.49 views

CVE-2017-13195

In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed...

7.8CVSS7.3AI score0.02288EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.49 views

CVE-2017-13197

In the ihevcd_parse_slice.c function, slave threads are not joined if there is an error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1...

7.8CVSS7.3AI score0.04329EPSS
CVE
CVE
added 2024/11/27 8:15 p.m.49 views

CVE-2017-13319

In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS7.8AI score0.00113EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.49 views

CVE-2018-21057

An issue was discovered on Samsung mobile devices with N(7.x) O(8.x, and P(9.0) (Exynos chipsets) software. There is a stack-based buffer overflow in the Shannon Baseband. The Samsung ID is SVE-2018-12757 (September 2018).

10CVSS9.7AI score0.00183EPSS
CVE
CVE
added 2018/12/06 2:29 p.m.49 views

CVE-2018-9549

In lppTransposer of lpp_tran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7...

9.3CVSS7.9AI score0.00253EPSS
CVE
CVE
added 2017/07/07 2:29 p.m.48 views

CVE-2017-0326

An information disclosure vulnerability in the NVIDIA Video Driver due to an out-of-bounds read function in the Tegra Display Controller driver could result in possible information disclosure. This issue is rated as Moderate. Product: Android. Version: N/A. Android ID: A-33718700. References: N-CVE...

5.5CVSS5AI score0.00109EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.48 views

CVE-2017-0594

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...

9.3CVSS7.2AI score0.00068EPSS
CVE
CVE
added 2017/06/14 1:29 p.m.48 views

CVE-2017-0647

An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6...

5.5CVSS4.7AI score0.00109EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.48 views

CVE-2017-0677

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.48 views

CVE-2017-0718

A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273547.

9.3CVSS7.7AI score0.00248EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.48 views

CVE-2017-0762

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62214264.

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.48 views

CVE-2017-0765

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872863.

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.48 views

CVE-2017-0787

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37722970. References: B-V2017053104.

8.8CVSS8.6AI score0.00062EPSS
CVE
CVE
added 2020/04/08 2:15 p.m.48 views

CVE-2017-18643

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is information disclosure of the kbase_context address of a GPU memory node. The Samsung ID is SVE-2017-8907 (December 2017).

7.5CVSS7.3AI score0.00123EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.48 views

CVE-2017-6247

An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of local arbitrary code execution in a privileged process in the kernel. Produ...

9.3CVSS7.5AI score0.00088EPSS
CVE
CVE
added 2024/11/20 6:15 p.m.48 views

CVE-2018-9472

In xmlMemStrdupLoc of xmlmemory.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.

8.8CVSS7.6AI score0.00156EPSS
Total number of security vulnerabilities612