Lucene search

K
GoogleAndroid7.1.2

612 matches found

CVE
CVE
added 2017/09/08 8:29 p.m.45 views

CVE-2017-0776

A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38496660.

5.5CVSS5.8AI score0.00051EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.45 views

CVE-2017-0845

A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35028827.

7.5CVSS7.1AI score0.00124EPSS
CVE
CVE
added 2018/01/12 11:29 p.m.45 views

CVE-2017-0855

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed...

7.8CVSS7.4AI score0.02288EPSS
CVE
CVE
added 2017/12/06 2:29 p.m.45 views

CVE-2017-13151

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.

9.3CVSS8.4AI score0.00456EPSS
CVE
CVE
added 2018/02/12 7:29 p.m.45 views

CVE-2017-13228

In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: ...

9.3CVSS8.8AI score0.00481EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.45 views

CVE-2018-21070

An issue was discovered on Samsung mobile devices with N(7.x), O(8.0) devices (MSM8998 or SDM845 chipsets) software. An attacker can bypass Secure Boot and obtain root access because of a missing Bootloader integrity check. The Samsung ID is SVE-2018-11552 (May 2018).

8.4CVSS8.3AI score0.00007EPSS
CVE
CVE
added 2020/04/08 3:15 p.m.45 views

CVE-2018-21087

An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).

9.8CVSS9.7AI score0.00159EPSS
CVE
CVE
added 2024/11/19 7:15 p.m.45 views

CVE-2018-9346

In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5CVSS6AI score0.00021EPSS
CVE
CVE
added 2024/11/19 10:15 p.m.45 views

CVE-2018-9412

In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

5.5CVSS6.6AI score0.00011EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.44 views

CVE-2017-0591

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaser...

9.3CVSS7.6AI score0.00272EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.44 views

CVE-2017-0602

An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4....

5.5CVSS5.1AI score0.00063EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.44 views

CVE-2017-0603

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6...

5.4CVSS4.9AI score0.00066EPSS
CVE
CVE
added 2017/06/14 1:29 p.m.44 views

CVE-2017-0645

An elevation of privilege vulnerability in Bluetooth could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Andro...

5.5CVSS5.2AI score0.00093EPSS
CVE
CVE
added 2017/06/14 1:29 p.m.44 views

CVE-2017-0649

An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specif...

7.6CVSS6.9AI score0.00084EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.44 views

CVE-2017-0675

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.44 views

CVE-2017-0683

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.44 views

CVE-2017-0691

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36724453.

5.5CVSS5.5AI score0.00036EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.44 views

CVE-2017-0704

A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-33059280.

7.8CVSS7.4AI score0.00053EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.44 views

CVE-2017-0720

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213.

9.3CVSS7.7AI score0.00248EPSS
CVE
CVE
added 2017/08/09 9:29 p.m.44 views

CVE-2017-0745

A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296.

9.3CVSS7.7AI score0.00308EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.44 views

CVE-2017-0757

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815.

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.44 views

CVE-2017-0761

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381.

9.3CVSS7.9AI score0.00248EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.44 views

CVE-2017-0777

A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-38342499.

5.5CVSS5.8AI score0.00051EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.44 views

CVE-2017-0779

A information disclosure vulnerability in the Android media framework (audioflinger). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38340117.

5.5CVSS5.8AI score0.00063EPSS
CVE
CVE
added 2017/09/08 8:29 p.m.44 views

CVE-2017-0790

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101.

8.8CVSS8.6AI score0.00062EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.44 views

CVE-2017-0817

An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430.

7.5CVSS6.8AI score0.00233EPSS
CVE
CVE
added 2017/11/16 11:29 p.m.44 views

CVE-2017-0832

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820.

9.3CVSS7.7AI score0.01003EPSS
CVE
CVE
added 2017/12/06 2:29 p.m.44 views

CVE-2017-0880

A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID A-65646012.

7.1CVSS6.3AI score0.00102EPSS
CVE
CVE
added 2017/12/06 2:29 p.m.44 views

CVE-2017-13149

An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872.

9.1CVSS8.2AI score0.00122EPSS
CVE
CVE
added 2017/12/06 2:29 p.m.44 views

CVE-2017-13160

A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.

10CVSS8.9AI score0.01255EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.44 views

CVE-2017-13251

In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Produ...

9.3CVSS7.7AI score0.00045EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.44 views

CVE-2017-13256

In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1...

8.8CVSS8.5AI score0.00301EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.44 views

CVE-2017-13269

A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68818034.

4.3CVSS4.2AI score0.00029EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.44 views

CVE-2017-13279

In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6...

5.5CVSS5.9AI score0.00164EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.44 views

CVE-2017-13282

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1,...

10CVSS9AI score0.03347EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.44 views

CVE-2017-13290

In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7....

6.2CVSS5.8AI score0.00046EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.44 views

CVE-2017-18651

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017).

7.5CVSS7.5AI score0.00113EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.44 views

CVE-2017-18653

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017).

4.3CVSS4.7AI score0.00088EPSS
CVE
CVE
added 2024/11/19 10:15 p.m.44 views

CVE-2018-9419

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

7.5CVSS6.3AI score0.00108EPSS
CVE
CVE
added 2024/12/02 10:15 p.m.44 views

CVE-2018-9426

In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. Bulletin Fi...

7.5CVSS6.8AI score0.00063EPSS
CVE
CVE
added 2024/12/03 1:15 a.m.44 views

CVE-2018-9441

In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

5.5CVSS8.1AI score0.00008EPSS
CVE
CVE
added 2024/11/20 6:15 p.m.44 views

CVE-2018-9479

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

9.8CVSS7.6AI score0.00307EPSS
CVE
CVE
added 2018/11/14 6:29 p.m.44 views

CVE-2018-9527

In vorbis_book_decodev_set of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 A...

9.3CVSS8.1AI score0.00212EPSS
CVE
CVE
added 2019/02/12 12:0 a.m.44 views

CVE-2018-9589

In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi driver with no additional execution privi...

5.5CVSS5AI score0.00024EPSS
CVE
CVE
added 2019/02/28 5:29 p.m.44 views

CVE-2019-1992

In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Andr...

7.6CVSS7.8AI score0.00782EPSS
CVE
CVE
added 2019/04/19 8:29 p.m.44 views

CVE-2019-2027

In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Andro...

9.3CVSS8.8AI score0.00343EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.44 views

CVE-2019-2116

In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Androi...

7.5CVSS6.9AI score0.00314EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.43 views

CVE-2017-0666

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.

9.3CVSS7.4AI score0.00035EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.43 views

CVE-2017-0680

A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37008096.

9.3CVSS7.7AI score0.00212EPSS
CVE
CVE
added 2017/07/06 8:29 p.m.43 views

CVE-2017-0686

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231231.

5.5CVSS5.6AI score0.00044EPSS
Total number of security vulnerabilities612