|
256461
|
7.5 |
HIGH
Network
|
google
|
android
|
In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop. This could lead to a remote denial of service …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-13192
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256462
|
7.5 |
HIGH
Network
|
google
|
android
|
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additi…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-13191
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256463
|
7.5 |
HIGH
Network
|
google
|
android
|
A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-13190
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256464
|
7.5 |
HIGH
Network
|
google
|
android
|
A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-13189
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256465
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786.
|
CWE-200
Information Exposure
|
CVE-2017-13188
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256466
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175.
|
CWE-200
Information Exposure
|
CVE-2017-13187
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256467
|
7.5 |
HIGH
Network
|
google
|
android
|
A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65735716.
|
CWE-20
Improper Input Validation
|
CVE-2017-13186
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256468
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471.
|
CWE-200
Information Exposure
|
CVE-2017-13185
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256469
|
7.8 |
HIGH
Local
|
google
|
android
|
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privilege…
|
CWE-416
Use After Free
|
CVE-2017-13184
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256470
|
7.0 |
HIGH
Local
|
google
|
android
|
In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This…
|
CWE-362
Race Condition
|
CVE-2017-13183
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
