Lucene search

K

123 matches found

CVE
CVE
added 2018/04/04 4:29 p.m.225 views

CVE-2017-13305

A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.

7.1CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2018/04/05 6:29 p.m.147 views

CVE-2015-9016

In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-6308304...

7CVSS7.7AI score0.00024EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.57 views

CVE-2017-13280

In the FrameSequence_gif::FrameSequence_gif function of libframesequence, there is a out of bounds read due to a missing bounds check. This could lead to a remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Ver...

7.5CVSS7.2AI score0.00499EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.55 views

CVE-2017-13283

In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versi...

10CVSS8.8AI score0.02956EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.55 views

CVE-2017-13292

In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Andro...

10CVSS8.8AI score0.02239EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.54 views

CVE-2017-13252

In CryptoHal::decrypt of CryptoHal.cpp, there is an out of bounds write due to improper input validation that results in a read from uninitialized memory. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Pr...

9.3CVSS7.6AI score0.00045EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.53 views

CVE-2017-13260

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7....

7.5CVSS6.8AI score0.20857EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.52 views

CVE-2017-13262

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing length decrement operation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, ...

6.5CVSS6.1AI score0.13964EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.51 views

CVE-2017-13266

In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7....

10CVSS8.9AI score0.01322EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.51 views

CVE-2017-13277

In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7...

9.3CVSS7.9AI score0.00722EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.50 views

CVE-2017-13287

In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation. This could lead to local escalation of privilege if mPayload in writeToParcel were null, with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.6AI score0.00034EPSS
CVE
CVE
added 2018/04/04 6:29 p.m.48 views

CVE-2016-8487

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823724.

10CVSS8.4AI score0.00585EPSS
CVE
CVE
added 2018/04/05 6:29 p.m.48 views

CVE-2017-0744

An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Versions: Android kernel. Android ID: A-34112726. References: N-CVE-2017-0744.

5.3CVSS5.7AI score0.00018EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13248

In impeg2_idct_recon_sse42() of impeg2_idct_recon_sse42_intr.c, there is an out of bound write due to a missing bounds check. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0...

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13255

In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7...

8.8CVSS8.5AI score0.00301EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13261

In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1,...

7.5CVSS6.8AI score0.21502EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.47 views

CVE-2017-13272

In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0,...

10CVSS8.6AI score0.00822EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.46 views

CVE-2017-13250

In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of bound write due to a missing out of bounds check because of a multiplication error. This could lead to an remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product...

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.46 views

CVE-2017-13293

In the nfc_hci_cmd_received() function of core.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. ...

7.8CVSS7.6AI score0.00034EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.45 views

CVE-2017-13253

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. An...

9.3CVSS7.7AI score0.01232EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.45 views

CVE-2017-13281

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. A...

10CVSS9AI score0.02671EPSS
CVE
CVE
added 2018/04/03 5:29 p.m.45 views

CVE-2017-15836

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if the firmware sends a service ready event to the host with a large number in the num_hw_modes or num_phy, then it could result in an i...

7.5CVSS7.1AI score0.0011EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.44 views

CVE-2017-13251

In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Produ...

9.3CVSS7.7AI score0.00045EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.44 views

CVE-2017-13256

In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1...

8.8CVSS8.5AI score0.00301EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.44 views

CVE-2017-13269

A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68818034.

4.3CVSS4.2AI score0.00029EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.44 views

CVE-2017-13279

In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6...

5.5CVSS5.9AI score0.00164EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.44 views

CVE-2017-13282

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1,...

10CVSS9AI score0.03347EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.44 views

CVE-2017-13290

In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7....

6.2CVSS5.8AI score0.00046EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.44 views

CVE-2017-13303

A information disclosure vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-71359108. References: B-V2018010501.

5.3CVSS4.9AI score0.00091EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.43 views

CVE-2017-13249

In impeg2d_api_set_display_frame of impeg2d_api_main.c, there is an out of bound write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7....

9.3CVSS7.9AI score0.00212EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.43 views

CVE-2017-13254

A other vulnerability in the Android media framework (AACExtractor). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70239507.

7.8CVSS7.2AI score0.00125EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.43 views

CVE-2017-13258

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7....

7.5CVSS6.8AI score0.17014EPSS
CVE
CVE
added 2018/04/04 6:29 p.m.42 views

CVE-2015-9009

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600.

10CVSS8.8AI score0.00585EPSS
CVE
CVE
added 2018/04/04 6:29 p.m.42 views

CVE-2016-8485

An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823681.

7.5CVSS6.8AI score0.00594EPSS
CVE
CVE
added 2018/04/04 6:29 p.m.42 views

CVE-2016-8488

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-31625756.

10CVSS8.4AI score0.00585EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.42 views

CVE-2017-13275

In getVSCoverage of CmapCoverage.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-70808...

5.5CVSS5.3AI score0.00044EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.42 views

CVE-2017-13289

In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch. This could lead to a local escalation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is n...

7.8CVSS7.6AI score0.00013EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.42 views

CVE-2017-13294

A information disclosure vulnerability in the Android framework (aosp email application). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-71814449.

5.3CVSS4.9AI score0.00091EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.42 views

CVE-2017-13300

A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 6.0, 6.0.1. Android ID: A-71567394.

7.5CVSS7AI score0.00113EPSS
CVE
CVE
added 2018/04/03 5:29 p.m.42 views

CVE-2017-15822

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing a 802.11 management frame, a buffer overflow may potentially occur.

8.8CVSS8AI score0.00095EPSS
CVE
CVE
added 2018/04/03 5:29 p.m.42 views

CVE-2017-15837

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read in nla_get_u32().

5.3CVSS4.9AI score0.00091EPSS
CVE
CVE
added 2018/04/04 6:29 p.m.41 views

CVE-2014-9955

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384686.

10CVSS8.7AI score0.00585EPSS
CVE
CVE
added 2018/04/04 6:29 p.m.41 views

CVE-2016-10299

An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32577244.

10CVSS8.8AI score0.00312EPSS
CVE
CVE
added 2018/04/05 6:29 p.m.41 views

CVE-2017-0748

An information disclosure vulnerability in the Qualcomm audio driver. Product: Android. Versions: Android Kernel. Android ID: A-35764875. References: QC-CR#2029798.

5.3CVSS5.3AI score0.0008EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.41 views

CVE-2017-13259

In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1,...

7.5CVSS7AI score0.00862EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.41 views

CVE-2017-13263

A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 8.0, 8.1. Android ID: A-69383160.

7.5CVSS7AI score0.00102EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.41 views

CVE-2017-13276

In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible stack buffer overflow due to a missing bounds check. This could lead to a remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, ...

7.8CVSS8.1AI score0.01912EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.41 views

CVE-2017-13302

A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-69969749.

7.8CVSS7AI score0.00125EPSS
CVE
CVE
added 2018/04/04 4:29 p.m.41 views

CVE-2017-13304

A information disclosure vulnerability in the Upstream kernel mnh_sm driver. Product: Android. Versions: Android kernel. Android ID: A-70576999.

5.3CVSS4.8AI score0.00091EPSS
CVE
CVE
added 2018/04/03 5:29 p.m.41 views

CVE-2018-5825

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the kernel IPA driver, a Use After Free condition can occur.

7.8CVSS7.2AI score0.00019EPSS
Total number of security vulnerabilities123