Google : Security Vulnerabilities, CVEs, Published In 2017 (Code Execution) CVSS score >= 6
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.
Max CVSS
10.0
EPSS Score
0.13%
Published
2017-12-06
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63874456.
Max CVSS
9.3
EPSS Score
0.19%
Published
2017-12-06
Updated
2019-10-03
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34373711. References: N-CVE-2017-6249.
Max CVSS
7.6
EPSS Score
0.14%
Published
2017-07-13
Updated
2019-10-03
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34372667. References: N-CVE-2017-6248.
Max CVSS
7.6
EPSS Score
0.14%
Published
2017-07-06
Updated
2019-10-03
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of local arbitrary code execution in a privileged process in the kernel. Product: Android. Versions: N/A. Android ID: A-34386301. References: N-CVE-2017-6247.
Max CVSS
9.3
EPSS Score
0.08%
Published
2017-07-06
Updated
2019-10-03
Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.
Max CVSS
8.8
EPSS Score
4.58%
Published
2017-10-27
Updated
2022-04-06
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
14.30%
Published
2017-10-27
Updated
2022-04-06
Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
27.52%
Published
2017-10-27
Updated
2017-12-31
CVE-2017-5070
Known exploited
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
22.65%
Published
2017-10-27
Updated
2022-04-06
CISA KEV Added
2022-06-08
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.
Max CVSS
9.6
EPSS Score
41.88%
Published
2017-10-27
Updated
2022-04-11
CVE-2017-5030
Known exploited
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Max CVSS
8.8
EPSS Score
56.57%
Published
2017-04-24
Updated
2022-04-22
CISA KEV Added
2022-06-08
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted HTML page.
Max CVSS
6.1
EPSS Score
2.85%
Published
2017-02-17
Updated
2018-01-05
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 8.0. Android ID A-65186291.
Max CVSS
9.3
EPSS Score
0.13%
Published
2017-12-06
Updated
2017-12-19
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-66372937.
Max CVSS
9.3
EPSS Score
0.13%
Published
2017-12-06
Updated
2017-12-19
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0. Android ID A-64964675.
Max CVSS
9.3
EPSS Score
0.13%
Published
2017-12-06
Updated
2017-12-19
A remote code execution vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65290323.
Max CVSS
9.3
EPSS Score
0.13%
Published
2017-12-06
Updated
2017-12-19
A remote code execution vulnerability in the Android system (libutils). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37723026.
Max CVSS
9.3
EPSS Score
0.18%
Published
2017-11-16
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64893226.
Max CVSS
9.3
EPSS Score
0.18%
Published
2017-11-16
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63316832.
Max CVSS
9.3
EPSS Score
0.18%
Published
2017-11-16
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63125953.
Max CVSS
9.3
EPSS Score
0.13%
Published
2017-11-16
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62896384.
Max CVSS
9.3
EPSS Score
0.18%
Published
2017-11-16
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62887820.
Max CVSS
9.3
EPSS Score
0.18%
Published
2017-11-16
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177.
Max CVSS
9.3
EPSS Score
0.35%
Published
2017-10-04
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38207066.
Max CVSS
9.3
EPSS Score
0.35%
Published
2017-10-04
Updated
2019-10-03
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128.
Max CVSS
9.3
EPSS Score
0.35%
Published
2017-10-04
Updated
2019-10-03