Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-13194

  • EPSS 0.93%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201.

7.8

CVE-2017-13195

  • EPSS 2.29%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system proce...

7.8

CVE-2017-13196

  • EPSS 3.01%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User i...

7.8

CVE-2017-13197

  • EPSS 4.33%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

In the ihevcd_parse_slice.c function, slave threads are not joined if there is an error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exp...

7.8

CVE-2017-13198

  • EPSS 0.13%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68399117.

7.8

CVE-2017-13199

  • EPSS 3.01%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. ...

7.5

CVE-2017-13200

  • EPSS 0.12%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526.

7.5

CVE-2017-13201

  • EPSS 0.11%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:08

An information disclosure vulnerability in the Android media framework (mediadrm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63982768.

7.5

CVE-2017-13202

  • EPSS 0.09%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:09

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67647856.

9.1

CVE-2017-13203

  • EPSS 0.1%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:09

An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63122634.