Google

Android

8032 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-13182

  • EPSS 0.03%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:06

In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional executio...

7

CVE-2017-13183

  • EPSS 0.03%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:06

In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This could lead to a local elevation of privilege enabl...

7.8

CVE-2017-13184

  • EPSS 0.04%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:06

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges n...

9.1

CVE-2017-13185

  • EPSS 0.12%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:06

An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471.

7.8

CVE-2017-13186

  • EPSS 0.1%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:07

A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65735716.

9.1

CVE-2017-13187

  • EPSS 0.12%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:07

An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175.

9.1

CVE-2017-13188

  • EPSS 0.16%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:07

An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786.

7.8

CVE-2017-13189

  • EPSS 0.15%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:07

A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072.

7.8

CVE-2017-13190

  • EPSS 0.1%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:07

A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873.

7.8

CVE-2017-13191

  • EPSS 2.29%
  • Veröffentlicht 12.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:11:07

In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction ...