|
263901
|
7.5 |
HIGH
Network
|
google
|
android
|
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additi…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-13191
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263902
|
7.5 |
HIGH
Network
|
google
|
android
|
A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-13190
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263903
|
7.5 |
HIGH
Network
|
google
|
android
|
A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-13189
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263904
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786.
|
CWE-200
Information Exposure
|
CVE-2017-13188
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263905
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175.
|
CWE-200
Information Exposure
|
CVE-2017-13187
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263906
|
7.5 |
HIGH
Network
|
google
|
android
|
A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65735716.
|
CWE-20
Improper Input Validation
|
CVE-2017-13186
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263907
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471.
|
CWE-200
Information Exposure
|
CVE-2017-13185
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263908
|
7.8 |
HIGH
Local
|
google
|
android
|
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privilege…
|
CWE-416
Use After Free
|
CVE-2017-13184
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263909
|
7.0 |
HIGH
Local
|
google
|
android
|
In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This…
|
CWE-362
Race Condition
|
CVE-2017-13183
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263910
|
7.8 |
HIGH
Local
|
google
|
android
|
In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-13182
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
