CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-8241 119 Overflow 2017-06-13 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.
2 CVE-2017-8240 119 Overflow 2017-06-13 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.
3 CVE-2017-8238 119 Overflow 2017-06-13 2017-06-16
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.
4 CVE-2017-8237 119 Overflow 2017-06-13 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists while loading a firmware image.
5 CVE-2017-8236 119 Overflow 2017-06-13 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver.
6 CVE-2017-7372 119 Overflow 2017-06-13 2017-07-07
7.6
None Remote High Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a race condition exists in a video driver potentially leading to buffer overflow or write to arbitrary pointer location.
7 CVE-2017-7365 119 Overflow 2017-06-13 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated.
8 CVE-2017-5051 190 Overflow 2017-04-24 2017-04-28
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
9 CVE-2017-5050 190 Overflow 2017-04-24 2017-04-28
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
10 CVE-2017-5049 190 Overflow 2017-04-24 2017-04-28
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
11 CVE-2017-5048 190 Overflow 2017-04-24 2017-04-28
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
12 CVE-2017-5047 190 Overflow 2017-04-24 2017-04-28
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
13 CVE-2017-5044 119 Overflow 2017-04-24 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
14 CVE-2017-5037 190 Overflow 2017-04-24 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
15 CVE-2017-5030 119 Exec Code Overflow 2017-04-24 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
16 CVE-2017-5029 787 Overflow 2017-04-24 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
17 CVE-2017-5025 119 Overflow 2017-02-17 2017-06-30
4.3
None Remote Medium Not required None None Partial
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
18 CVE-2017-5024 119 Overflow 2017-02-17 2017-06-30
4.3
None Remote Medium Not required None None Partial
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
19 CVE-2017-5014 119 Overflow 2017-02-17 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
20 CVE-2017-5012 119 Overflow 2017-02-17 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21 CVE-2017-5009 119 Overflow 2017-02-17 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22 CVE-2017-0637 119 Exec Code Overflow Mem. Corr. 2017-06-14 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process.Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34064500.
23 CVE-2017-0592 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34970788.
24 CVE-2017-0591 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34097672.
25 CVE-2017-0590 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35039946.
26 CVE-2017-0589 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34897036.
27 CVE-2017-0588 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34618607.
28 CVE-2017-0587 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35219737.
29 CVE-2017-0543 119 Exec Code Overflow Mem. Corr. 2017-04-07 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34097866.
30 CVE-2017-0542 119 Exec Code Overflow Mem. Corr. 2017-04-07 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33934721.
31 CVE-2017-0541 119 Exec Code Overflow Mem. Corr. 2017-04-07 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018.
32 CVE-2017-0540 119 Exec Code Overflow Mem. Corr. 2017-04-07 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33966031.
33 CVE-2017-0539 119 Exec Code Overflow Mem. Corr. 2017-04-07 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33864300.
34 CVE-2017-0538 119 Exec Code Overflow Mem. Corr. 2017-04-07 2017-07-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33641588.
35 CVE-2017-0476 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of an unprivileged process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33388925.
36 CVE-2017-0474 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-32589224.
37 CVE-2017-0473 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33982658.
38 CVE-2017-0472 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33862021.
39 CVE-2017-0471 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33816782.
40 CVE-2017-0470 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33818500.
41 CVE-2017-0469 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33450635.
42 CVE-2017-0468 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33351708.
43 CVE-2017-0467 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33250932.
44 CVE-2017-0466 119 Exec Code Overflow Mem. Corr. 2017-03-07 2017-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33139050.
45 CVE-2017-0407 119 Exec Code Overflow Mem. Corr. 2017-02-08 2017-02-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. This affects the libhevc library. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32873375.
46 CVE-2017-0406 119 Exec Code Overflow Mem. Corr. 2017-02-08 2017-02-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. This affects the libhevc library. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32915871.
47 CVE-2017-0405 119 Exec Code Overflow Mem. Corr. 2017-02-08 2017-02-10
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger process. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-31960359.
48 CVE-2017-0381 119 Overflow 2017-01-12 2017-06-30
9.3
None Remote Medium Not required Complete Complete Complete
An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.
49 CVE-2016-10342 119 Overflow 2017-06-13 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
50 CVE-2016-10340 119 Overflow 2017-06-13 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
Total number of vulnerabilities : 550   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.