VYPR

Android

by Google

CVEs (4,715)

  • CVE-2017-13259HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2017-13254HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A other vulnerability in the Android media framework (AACExtractor). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70239507.

  • CVE-2017-13302HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-69969749.

  • CVE-2017-13301HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A denial of service vulnerability in the Android system (system ui). Product: Android. Versions: 8.0. Android ID: A-66498711.

  • CVE-2017-13300HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 6.0, 6.0.1. Android ID: A-71567394.

  • CVE-2017-13299HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A other vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70897394.

  • CVE-2017-13291HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible NULL pointer dereference due to missing bounds checks. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2017-13280HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    In the FrameSequence_gif::FrameSequence_gif function of libframesequence, there is a out of bounds read due to a missing bounds check. This could lead to a remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2017-11087HigMar 30, 2018
    risk 0.49cvss 7.5epss 0.01

    libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver.

  • CVE-2017-18060HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for resp_event->vdev_id in wma_unified_bcntx_status_event_handler(), which is received from firmware, leads to potential out of bounds memory…

  • CVE-2017-18057HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_nlo_scan_cmp_evt_handler(), which is received from firmware, leads to potential out of bounds memory read.

  • CVE-2017-18052HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for cmpl_params->num_reports, param_buf->desc_ids and param_buf->status in wma_mgmt_tx_bundle_completion_handler(), which is received from…

  • CVE-2017-18069HigMar 15, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper message length calculation in oem_cmd_handler() while processing a WLAN_NL_MSG_OEM netlink message leads to buffer overread.

  • CVE-2017-14878HigMar 15, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a length variable which is used to copy data has a size of only 8 bits and can be exceeded resulting in a denial of service.

  • CVE-2017-13246HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469.

  • CVE-2017-13243HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991.

  • CVE-2017-13242HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248.

  • CVE-2017-13241HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651.

  • CVE-2017-13240HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.01

    A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819.

  • CVE-2017-13239HigFeb 12, 2018
    risk 0.49cvss 7.5epss 0.00

    A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132.

Page 121 of 236