Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-9468 |
In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-139683471 Published: January 06, 2020; 1:15:23 PM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2018-15835 |
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. Published: November 30, 2018; 1:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-5907 |
Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. Published: July 06, 2018; 3:29:01 PM -0400 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2018-11304 |
Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. Published: July 06, 2018; 3:29:00 PM -0400 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2018-6254 |
In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. This issue is rated as moderate. Android: A-64340684. Reference: N-CVE-2018-6254. Published: May 10, 2018; 10:29:00 AM -0400 |
V3.0: 3.3 LOW V2.0: 2.1 LOW |
CVE-2018-6246 |
In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246. Published: May 10, 2018; 10:29:00 AM -0400 |
V3.0: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2017-13269 |
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68818034. Published: April 04, 2018; 1:29:01 PM -0400 |
V3.0: 4.3 MEDIUM V2.0: 3.3 LOW |
CVE-2017-13268 |
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67058064. Published: April 04, 2018; 1:29:01 PM -0400 |
V3.0: 4.3 MEDIUM V2.0: 3.3 LOW |
CVE-2017-13266 |
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69478941. Published: April 04, 2018; 1:29:01 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2017-13262 |
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing length decrement operation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69271284. Published: April 04, 2018; 1:29:01 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 3.3 LOW |
CVE-2017-13261 |
In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177292. Published: April 04, 2018; 1:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13260 |
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69177251. Published: April 04, 2018; 1:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13259 |
In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68161546. Published: April 04, 2018; 1:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13258 |
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67863755. Published: April 04, 2018; 1:29:00 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13257 |
In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after free that can result in an out of bounds read of memory allocated via malloc. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67110692. Published: April 04, 2018; 1:29:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-13256 |
In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68817966. Published: April 04, 2018; 1:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 8.3 HIGH |
CVE-2017-13255 |
In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68776054. Published: April 04, 2018; 1:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 8.3 HIGH |
CVE-2017-7376 |
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. Published: February 19, 2018; 2:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2017-7375 |
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable). Published: February 19, 2018; 2:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2017-13243 |
A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991. Published: February 12, 2018; 2:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |