|
256831
|
7.8 |
HIGH
Local
|
google
|
android
|
In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation. This could lead to local escalation of privilege if mPayload in writeTo…
|
CWE-20
Improper Input Validation
|
CVE-2017-13287
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256832
|
7.8 |
HIGH
Local
|
google
|
android
|
In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due to mismatched serialization. This could lead to a local escalation of privilege where the user can st…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-13286
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256833
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer. This could lead to remote code execution in an unprivileged process…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-13285
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256834
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. This could lead to remote escalation of privilege with no additi…
|
CWE-20
Improper Input Validation
|
CVE-2017-13284
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256835
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check. This could lead to remote code execution with no additional e…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-13283
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256836
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privile…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13282
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256837
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privile…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13281
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256838
|
7.5 |
HIGH
Network
|
google
|
android
|
In the FrameSequence_gif::FrameSequence_gif function of libframesequence, there is a out of bounds read due to a missing bounds check. This could lead to a remote denial of service with no additional…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13280
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256839
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional executio…
|
CWE-834
Excessive Iteration
|
CVE-2017-13279
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256840
|
7.8 |
HIGH
Local
|
google
|
android
|
In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. U…
|
CWE-416
Use After Free
|
CVE-2017-13278
|
2024-11-21 12:11 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
