Total
6434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13233 | 1 Google | 1 Android | 2018-03-13 | 7.1 HIGH | 6.5 MEDIUM |
| In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62851602. | |||||
| CVE-2017-15820 | 1 Google | 1 Android | 2018-03-12 | 7.2 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in a KGSL IOCTL handler, a Use After Free Condition can potentially occur. | |||||
| CVE-2017-17764 | 1 Google | 1 Android | 2018-03-12 | 7.2 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calculation may potentially lead to a buffer overflow. | |||||
| CVE-2017-15862 | 1 Google | 1 Android | 2018-03-12 | 7.2 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow. | |||||
| CVE-2017-17767 | 1 Google | 1 Android | 2018-03-12 | 7.2 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer. | |||||
| CVE-2017-15861 | 1 Google | 1 Android | 2018-03-12 | 7.2 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation. | |||||
| CVE-2017-15817 | 1 Google | 1 Android | 2018-03-12 | 9.3 HIGH | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure. | |||||
| CVE-2017-15829 | 1 Google | 1 Android | 2018-03-12 | 6.9 MEDIUM | 7.0 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition. | |||||
| CVE-2017-13235 | 1 Google | 1 Android | 2018-03-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866. | |||||
| CVE-2017-13232 | 1 Google | 1 Android | 2018-03-07 | 7.8 HIGH | 7.5 HIGH |
| In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68953950. | |||||
| CVE-2017-13240 | 1 Google | 1 Android | 2018-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819. | |||||
| CVE-2017-13239 | 1 Google | 1 Android | 2018-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132. | |||||
| CVE-2017-13241 | 1 Google | 1 Android | 2018-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651. | |||||
| CVE-2017-13242 | 1 Google | 1 Android | 2018-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248. | |||||
| CVE-2017-8260 | 1 Google | 1 Android | 2018-03-06 | 6.8 MEDIUM | 7.8 HIGH |
| In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later. | |||||
| CVE-2017-13229 | 1 Google | 1 Android | 2018-03-06 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703. | |||||
| CVE-2017-13246 | 1 Google | 1 Android | 2018-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469. | |||||
| CVE-2017-13243 | 1 Google | 1 Android | 2018-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991. | |||||
| CVE-2017-6258 | 1 Google | 1 Android | 2018-03-01 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: Android. Version: N/A. Android: A-38027496. Reference: N-CVE-2017-6258. | |||||
| CVE-2017-6279 | 1 Google | 1 Android | 2018-03-01 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: Android. Version: N/A. Android: A-65023166. Reference: N-CVE-2017-6279. | |||||