Search Results (Refine Search)
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-6927 |
The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value. Published: February 12, 2018; 2:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-13247 |
In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-71486645. Published: February 12, 2018; 2:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-13246 |
A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469. Published: February 12, 2018; 2:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13245 |
A elevation of privilege vulnerability in the Upstream kernel audio driver. Product: Android. Versions: Android kernel. ID: A-64315347. Published: February 12, 2018; 2:29:01 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-13244 |
A elevation of privilege vulnerability in the Upstream kernel easel. Product: Android. Versions: Android kernel. ID: A-62678986. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-13243 |
A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13242 |
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13241 |
A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13240 |
A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13239 |
A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2017-13238 |
In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-64610940. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 4.2 MEDIUM V2.0: 4.7 MEDIUM |
CVE-2017-13236 |
In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-68217699. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2017-13235 |
A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-13234 |
In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68159767. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 7.1 HIGH |
CVE-2017-13233 |
In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62851602. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 7.1 HIGH |
CVE-2017-13232 |
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68953950. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2017-13231 |
In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-67962232. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-13230 |
In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65483665. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2017-13229 |
A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2017-13228 |
In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69478425. Published: February 12, 2018; 2:29:00 PM -0500 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 9.3 HIGH |