VYPR

libavc

by Google

CVEs (25)

  • CVE-2017-13204CriJan 12, 2018
    risk 0.59cvss 9.1epss 0.01

    An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380237.

  • CVE-2017-13228HigFeb 12, 2018
    risk 0.57cvss 8.8epss 0.01

    In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:…

  • CVE-2017-0591HigMay 12, 2017
    risk 0.51cvss 7.8epss 0.01

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0543HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0542HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-0538HigApr 7, 2017
    risk 0.51cvss 7.8epss 0.02

    A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the…

  • CVE-2017-13299HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.00

    A other vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70897394.

  • CVE-2017-13189HigJan 12, 2018
    risk 0.49cvss 7.5epss 0.00

    A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072.

  • CVE-2016-3755HigJul 11, 2016
    risk 0.49cvss 7.5epss 0.01

    decoder/ih264d_parse_pslice.c in mediaserver in Android 6.x before 2016-07-01 does not properly select concealment frames, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28470138.

  • CVE-2019-9410MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9361MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9359MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9338MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9337MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9336MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9335MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9322MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9321MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111208713

  • CVE-2019-9320MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111761624

  • CVE-2019-9252MedSep 27, 2019
    risk 0.42cvss 6.5epss 0.01

    In libavc there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-73339042

Page 1 of 2