Max CVSS 9.3 Min CVSS 6.9 Total Count14
IDCVSSSummaryLast (major) updatePublished
CVE-2017-13273 None
In xt_qtaguid.c, there is a race condition due to insufficient locking. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Andr
14-02-2018 - 21:29 14-02-2018 - 21:29
CVE-2017-13247 None
In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User interaction is not needed for exploitation. Product: A
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13238 None
In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13236 None
In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. Product: Andr
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13234 None
In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Produc
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13233 None
In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: A
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13232 None
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not nee
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13231 None
In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Vers
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13230 None
In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-13228 None
In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is need
12-02-2018 - 14:29 12-02-2018 - 14:29
CVE-2017-6279 None
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: And
06-02-2018 - 08:29 06-02-2018 - 08:29
CVE-2017-6258 None
NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: And
06-02-2018 - 08:29 06-02-2018 - 08:29
CVE-2017-15265 6.9
Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clie
16-10-2017 - 14:29 16-10-2017 - 14:29
CVE-2017-11041 9.3
In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another.
21-09-2017 - 11:29 21-09-2017 - 11:29
Back to Top Mark selected
Back to Top