|
257631
|
7.5 |
HIGH
Network
|
google
|
android
|
A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132.
|
CWE-200
Information Exposure
|
CVE-2017-13239
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257632
|
4.2 |
MEDIUM
Physics
|
google
|
android
|
In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additi…
|
CWE-200
Information Exposure
|
CVE-2017-13238
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257633
|
7.8 |
HIGH
Local
|
google
|
android
|
In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User intera…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-13236
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257634
|
6.5 |
MEDIUM
Network
|
google
|
android
|
A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-13235
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257635
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-13234
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257636
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-13233
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257637
|
7.5 |
HIGH
Network
|
google
|
android
|
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execu…
|
CWE-200
CWE-787
Information Exposure
Out-of-bounds Write
|
CVE-2017-13232
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257638
|
7.8 |
HIGH
Local
|
google
|
android
|
In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is …
|
CWE-787
Out-of-bounds Write
|
CVE-2017-13231
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257639
|
8.8 |
HIGH
Network
|
google
|
android
|
In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execu…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-13230
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257640
|
9.8 |
CRITICAL
Network
|
google
|
android
|
A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703.
|
CWE-20
Improper Input Validation
|
CVE-2017-13229
|
2024-11-21 12:11 |
2018-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
