Total
6434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-11074 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is an obsolete set/reset ssid hotlist API. | |||||
CVE-2017-11089 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes | |||||
CVE-2017-11090 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space application sends PMKID of size less than WLAN_PMKID_LEN bytes. | |||||
CVE-2017-11093 | 1 Google | 1 Android | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed. | |||||
CVE-2017-13196 | 1 Google | 1 Android | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63522067. | |||||
CVE-2017-13151 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 8.8 HIGH |
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456. | |||||
CVE-2017-13195 | 1 Google | 1 Android | 2019-10-02 | 7.8 HIGH | 7.5 HIGH |
In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65398821. | |||||
CVE-2017-13153 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product: Android. Versions: 8.0. Android ID A-65280854. | |||||
CVE-2017-13154 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573. | |||||
CVE-2017-13160 | 1 Google | 1 Android | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362. | |||||
CVE-2017-13161 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability in the Broadcom wireless driver. Product: Android. Versions: Android kernel. Android ID A-63930471. References: BC-V2017092501. | |||||
CVE-2017-13162 | 1 Google | 1 Android | 2019-10-02 | 9.3 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the kernel binder. Product: Android. Versions: Android kernel. Android ID A-64216036. | |||||
CVE-2017-13163 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability in the kernel mtp usb driver. Product: Android. Versions: Android kernel. Android ID A-37429972. | |||||
CVE-2017-13165 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability in the kernel file system. Product: Android. Versions: Android kernel. Android ID A-31269937. | |||||
CVE-2017-13166 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. | |||||
CVE-2017-13167 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993. | |||||
CVE-2017-13168 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. | |||||
CVE-2017-13170 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280. | |||||
CVE-2017-13171 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
An elevation of privilege vulnerability in the MediaTek performance service. Product: Android. Versions: Android kernel. Android ID A-64316572. References: M-ALPS03479086. | |||||
CVE-2017-13172 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791. |