Lucene search

K
GoogleAndroid7.1.2

612 matches found

CVE
CVE
added 2018/12/06 2:29 p.m.48 views

CVE-2018-9558

In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC kernel with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Ver...

7.8CVSS7.6AI score0.00022EPSS
CVE
CVE
added 2019/02/28 5:29 p.m.48 views

CVE-2019-1991

In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android...

9.3CVSS8.9AI score0.01005EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.48 views

CVE-2019-20605

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 (May 2019).

10CVSS9.6AI score0.00183EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.48 views

CVE-2019-20614

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Allshare allows attackers to access sensitive information. The Samsung ID is SVE-2018-13453 (March 2019).

7.5CVSS7.5AI score0.00114EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.48 views

CVE-2019-2105

In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versi...

8.8CVSS8.7AI score0.00409EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.47 views

CVE-2017-0678

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151.

9.3CVSS7.7AI score0.00248EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.47 views

CVE-2017-0714

A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492637.

9.3CVSS7.7AI score0.00248EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.47 views

CVE-2017-0722

A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37660827.

9.3CVSS7.7AI score0.00248EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.47 views

CVE-2017-0734

A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38014992.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.47 views

CVE-2017-0769

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37662122.

9.3CVSS7.9AI score0.00037EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.47 views

CVE-2017-0780

A denial of service vulnerability in the Android runtime (android messenger). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37742976.

7.1CVSS5.4AI score0.00038EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.47 views

CVE-2017-0791

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37306719. References: B-V2017052302.

8.8CVSS8.6AI score0.00062EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.47 views

CVE-2017-0809

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128.

9.3CVSS7.7AI score0.0084EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.47 views

CVE-2017-13180

In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the memory it's accessing. This could lead to a local elevation of privilege enabling code execution as ...

7.8CVSS7.7AI score0.00037EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13248

In impeg2_idct_recon_sse42() of impeg2_idct_recon_sse42_intr.c, there is an out of bound write due to a missing bounds check. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0...

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13255

In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7...

8.8CVSS8.5AI score0.00301EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13261

In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1,...

7.5CVSS6.8AI score0.21502EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13272

In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0,...

10CVSS8.6AI score0.00822EPSS
CVE
CVE
added 2024/11/19 8:15 p.m.47 views

CVE-2018-9348

In SMF_ParseMetaEvent of eas_smf.c, there is a possible integer overflow. This could lead to remote denial of service due to resource exhaustion with no additional execution privileges needed. User interaction is needed for exploitation.

7.5CVSS6.7AI score0.00401EPSS
CVE
CVE
added 2024/12/02 9:15 p.m.47 views

CVE-2018-9413

In handle_notification_response of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

8.8CVSS6.8AI score0.00033EPSS
CVE
CVE
added 2024/11/20 5:15 p.m.47 views

CVE-2018-9469

In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged app with no additional execution privileges needed. User interaction is needed for exploitation.

8.4CVSS7.9AI score0.00007EPSS
CVE
CVE
added 2019/04/19 8:29 p.m.47 views

CVE-2019-2034

In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the NFC process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Andro...

7.8CVSS7.7AI score0.00056EPSS
CVE
CVE
added 2019/05/08 5:29 p.m.47 views

CVE-2019-2045

In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 And...

10CVSS9.3AI score0.00873EPSS
CVE
CVE
added 2019/08/20 8:15 p.m.47 views

CVE-2019-2136

In Status::readFromParcel of Status.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 ...

5.5CVSS5AI score0.00017EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.46 views

CVE-2017-0597

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.2AI score0.00052EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.46 views

CVE-2017-0664

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36491278.

9.3CVSS7.4AI score0.00035EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.46 views

CVE-2017-0670

A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.46 views

CVE-2017-0692

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407.

5.5CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.46 views

CVE-2017-0721

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37561455.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.46 views

CVE-2017-0759

A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36715268.

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.46 views

CVE-2017-0770

A elevation of privilege vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38234812.

9.3CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2017/12/06 2:29 p.m.46 views

CVE-2017-0872

A remote code execution vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323.

9.3CVSS8.4AI score0.00456EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.46 views

CVE-2017-13196

In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Produc...

7.8CVSS7.4AI score0.03008EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.46 views

CVE-2017-13250

In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of bound write due to a missing out of bounds check because of a multiplication error. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product...

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2024/11/15 10:15 p.m.46 views

CVE-2017-13310

In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges needed. User interaction is n...

7.8CVSS6.8AI score0.00008EPSS
CVE
CVE
added 2024/11/15 10:15 p.m.46 views

CVE-2017-13314

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with n...

7.8CVSS6.9AI score0.00009EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.46 views

CVE-2017-6248

An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. And...

7.6CVSS7.2AI score0.00111EPSS
CVE
CVE
added 2024/11/19 6:15 p.m.46 views

CVE-2018-9338

In ResStringPool::setTo of ResourceTypes.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS6.9AI score0.00023EPSS
CVE
CVE
added 2024/11/28 1:15 a.m.46 views

CVE-2018-9377

In getIntentForIntentSender of ActivityManagerService.java, there is a possible way to access user metadata due to a pending intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

8.4CVSS5.8AI score0.00021EPSS
CVE
CVE
added 2024/12/02 10:15 p.m.46 views

CVE-2018-9430

In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

9.8CVSS7.4AI score0.01102EPSS
CVE
CVE
added 2024/11/19 10:15 p.m.46 views

CVE-2018-9433

In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

9.8CVSS7.5AI score0.00137EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.45 views

CVE-2017-0598

An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application doe...

5.5CVSS5.2AI score0.00063EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.45 views

CVE-2017-0635

A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android. Versions: 7.0, 7.1.1, 7.1....

7.1CVSS5.4AI score0.00111EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.45 views

CVE-2017-0667

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37478824.

9.3CVSS7.4AI score0.00035EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.45 views

CVE-2017-0673

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.45 views

CVE-2017-0679

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.45 views

CVE-2017-0703

A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33123882.

9.3CVSS7.4AI score0.00031EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.45 views

CVE-2017-0715

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36998372.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.45 views

CVE-2017-0764

A remote code execution vulnerability in the Android media framework (libvorbis). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872015.

9.3CVSS7.9AI score0.00269EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.45 views

CVE-2017-0766

A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688.

9.3CVSS8.2AI score0.00212EPSS
Total number of security vulnerabilities612