Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid7.1.2

612 matches found

CVE
CVEadded 2024/11/15 10:15 p.m.46 views

CVE-2017-13314

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with n...

7.8CVSS6.9AI score0.00009EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.46 views

CVE-2017-6248

An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. And...

7.6CVSS7.2AI score0.00111EPSS
CVE
CVEadded 2024/11/28 1:15 a.m.46 views

CVE-2018-9377

In getIntentForIntentSender of ActivityManagerService.java, there is a possible way to access user metadata due to a pending intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

8.4CVSS5.8AI score0.00024EPSS
CVE
CVEadded 2024/12/02 10:15 p.m.46 views

CVE-2018-9430

In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

9.8CVSS7.4AI score0.01156EPSS
CVE
CVEadded 2024/11/19 10:15 p.m.46 views

CVE-2018-9433

In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

9.8CVSS7.5AI score0.00156EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.45 views

CVE-2017-0598

An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application doe...

5.5CVSS5.2AI score0.00063EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.45 views

CVE-2017-0635

A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android. Versions: 7.0, 7.1.1, 7.1....

7.1CVSS5.4AI score0.00111EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.45 views

CVE-2017-0667

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37478824.

9.3CVSS7.4AI score0.00035EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.45 views

CVE-2017-0673

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.45 views

CVE-2017-0679

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.45 views

CVE-2017-0703

A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33123882.

9.3CVSS7.4AI score0.00031EPSS
CVE
CVEadded 2017/08/09 9:29 p.m.45 views

CVE-2017-0715

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36998372.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.45 views

CVE-2017-0766

A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688.

9.3CVSS8.2AI score0.00212EPSS
CVE
CVEadded 2017/12/06 2:29 p.m.45 views

CVE-2017-13151

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.

9.3CVSS8.4AI score0.00456EPSS
CVE
CVEadded 2018/02/12 7:29 p.m.45 views

CVE-2017-13228

In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: ...

9.3CVSS8.8AI score0.00481EPSS
CVE
CVEadded 2018/04/04 5:29 p.m.45 views

CVE-2017-13269

A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68818034.

4.3CVSS4.2AI score0.00029EPSS
CVE
CVEadded 2020/04/08 6:15 p.m.45 views

CVE-2018-21070

An issue was discovered on Samsung mobile devices with N(7.x), O(8.0) devices (MSM8998 or SDM845 chipsets) software. An attacker can bypass Secure Boot and obtain root access because of a missing Bootloader integrity check. The Samsung ID is SVE-2018-11552 (May 2018).

8.4CVSS8.3AI score0.00007EPSS
CVE
CVEadded 2020/04/08 3:15 p.m.45 views

CVE-2018-21087

An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).

9.8CVSS9.7AI score0.00159EPSS
CVE
CVEadded 2024/11/19 7:15 p.m.45 views

CVE-2018-9346

In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5CVSS6AI score0.00024EPSS
CVE
CVEadded 2024/11/19 10:15 p.m.45 views

CVE-2018-9412

In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

5.5CVSS6.6AI score0.00009EPSS
CVE
CVEadded 2024/11/20 5:15 p.m.45 views

CVE-2018-9468

In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.

7.7CVSS7.3AI score0.0005EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.44 views

CVE-2017-0591

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaser...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.44 views

CVE-2017-0602

An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4....

5.5CVSS5.1AI score0.00063EPSS
CVE
CVEadded 2017/05/12 3:29 p.m.44 views

CVE-2017-0603

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6...

5.4CVSS4.9AI score0.00066EPSS
CVE
CVEadded 2017/06/14 1:29 p.m.44 views

CVE-2017-0645

An elevation of privilege vulnerability in Bluetooth could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Andro...

5.5CVSS5.2AI score0.00093EPSS
CVE
CVEadded 2017/06/14 1:29 p.m.44 views

CVE-2017-0649

An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specif...

7.6CVSS6.9AI score0.00084EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.44 views

CVE-2017-0675

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.44 views

CVE-2017-0683

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.44 views

CVE-2017-0691

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36724453.

5.5CVSS5.5AI score0.00036EPSS
CVE
CVEadded 2017/07/06 8:29 p.m.44 views

CVE-2017-0704

A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-33059280.

7.8CVSS7.4AI score0.00053EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.44 views

CVE-2017-0757

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815.

9.3CVSS7.9AI score0.00212EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.44 views

CVE-2017-0779

A information disclosure vulnerability in the Android media framework (audioflinger). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38340117.

5.5CVSS5.8AI score0.00063EPSS
CVE
CVEadded 2017/09/08 8:29 p.m.44 views

CVE-2017-0790

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101.

8.8CVSS8.6AI score0.00062EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.44 views

CVE-2017-0813

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36531046.

7.5CVSS6.9AI score0.00376EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.44 views

CVE-2017-0817

An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430.

7.5CVSS6.8AI score0.00233EPSS
CVE
CVEadded 2017/10/04 1:29 a.m.44 views

CVE-2017-0822

An elevation of privilege vulnerability in the Android system (camera). Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722.

9.8CVSS8.4AI score0.00134EPSS
CVE
CVEadded 2017/11/16 11:29 p.m.44 views

CVE-2017-0832

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820.

9.3CVSS7.7AI score0.01003EPSS
CVE
CVEadded 2017/11/16 11:29 p.m.44 views

CVE-2017-0834

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953.

9.3CVSS7.7AI score0.0096EPSS
CVE
CVEadded 2017/12/06 2:29 p.m.44 views

CVE-2017-0880

A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID A-65646012.

7.1CVSS6.3AI score0.00102EPSS
CVE
CVEadded 2017/12/06 2:29 p.m.44 views

CVE-2017-13149

An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872.

9.1CVSS8.2AI score0.00122EPSS
CVE
CVEadded 2017/12/06 2:29 p.m.44 views

CVE-2017-13160

A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.

10CVSS8.9AI score0.01255EPSS
CVE
CVEadded 2018/04/04 5:29 p.m.44 views

CVE-2017-13251

In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Produ...

9.3CVSS7.7AI score0.00045EPSS
CVE
CVEadded 2018/04/04 5:29 p.m.44 views

CVE-2017-13256

In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1...

8.8CVSS8.5AI score0.00301EPSS
CVE
CVEadded 2018/04/04 4:29 p.m.44 views

CVE-2017-13279

In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6...

5.5CVSS5.9AI score0.00164EPSS
CVE
CVEadded 2018/04/04 4:29 p.m.44 views

CVE-2017-13282

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1,...

10CVSS9AI score0.03347EPSS
CVE
CVEadded 2018/04/04 4:29 p.m.44 views

CVE-2017-13290

In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7....

6.2CVSS5.8AI score0.00046EPSS
CVE
CVEadded 2020/04/07 4:15 p.m.44 views

CVE-2017-18651

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017).

7.5CVSS7.5AI score0.00113EPSS
CVE
CVEadded 2020/04/07 4:15 p.m.44 views

CVE-2017-18653

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017).

4.3CVSS4.7AI score0.00088EPSS
CVE
CVEadded 2018/11/06 5:29 p.m.44 views

CVE-2018-9360

In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android...

7.8CVSS6.9AI score0.03247EPSS
CVE
CVEadded 2024/11/19 10:15 p.m.44 views

CVE-2018-9419

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

7.5CVSS6.3AI score0.00135EPSS
Total number of security vulnerabilities612