|
256471
|
7.8 |
HIGH
Local
|
google
|
android
|
In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-13182
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256472
|
7.8 |
HIGH
Local
|
google
|
android
|
In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code exe…
|
CWE-415
Double Free
|
CVE-2017-13181
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256473
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a pri…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2017-13178
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256474
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13177
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256475
|
8.8 |
HIGH
Network
|
google
|
android
|
In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege that could enable bypassing user interaction req…
|
CWE-20
Improper Input Validation
|
CVE-2017-13176
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256476
|
4.7 |
MEDIUM
Local
|
google
|
android
|
Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no…
|
CWE-200
Information Exposure
|
CVE-2017-13218
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256477
|
7.8 |
HIGH
Local
|
google
|
android
|
In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the …
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2017-13180
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256478
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_h…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2017-13179
|
2024-11-21 12:11 |
2018-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256479
|
7.5 |
HIGH
Network
|
apple
|
iphone_os
tvos
|
An issue was discovered in certain Apple products. iOS before 11.2.1 is affected. tvOS before 11.2.1 is affected. The issue involves the "HomeKit" component. It allows remote attackers to modify the …
|
NVD-CWE-noinfo
|
CVE-2017-13903
|
2024-11-21 12:11 |
2017-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256480
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13883
|
2024-11-21 12:11 |
2017-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
