CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
5451 CVE-2017-0757 119 Exec Code Overflow 2017-09-08 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815.
5452 CVE-2017-0756 367 Exec Code 2017-09-08 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.
5453 CVE-2017-0755 2017-09-08 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android libraries (libminikin). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-32178311.
5454 CVE-2017-0753 Exec Code 2017-09-08 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744.
5455 CVE-2017-0752 732 2017-09-08 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835.
5456 CVE-2017-0745 665 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296.
5457 CVE-2017-0723 665 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37968755.
5458 CVE-2017-0722 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37660827.
5459 CVE-2017-0721 20 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37561455.
5460 CVE-2017-0720 252 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213.
5461 CVE-2017-0719 772 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673.
5462 CVE-2017-0718 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273547.
5463 CVE-2017-0716 129 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37203196.
5464 CVE-2017-0715 119 Exec Code Overflow 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36998372.
5465 CVE-2017-0714 Exec Code 2017-08-09 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492637.
5466 CVE-2017-0711 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781.
5467 CVE-2017-0703 732 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33123882.
5468 CVE-2017-0702 190 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36621442.
5469 CVE-2017-0701 787 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36385715.
5470 CVE-2017-0700 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138.
5471 CVE-2017-0684 787 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35421151.
5472 CVE-2017-0683 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008.
5473 CVE-2017-0682 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36588422.
5474 CVE-2017-0681 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566.
5475 CVE-2017-0680 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37008096.
5476 CVE-2017-0679 682 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978.
5477 CVE-2017-0678 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151.
5478 CVE-2017-0677 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074.
5479 CVE-2017-0676 20 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431.
5480 CVE-2017-0675 20 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227.
5481 CVE-2017-0674 20 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231163.
5482 CVE-2017-0673 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623.
5483 CVE-2017-0671 Exec Code 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.
5484 CVE-2017-0667 20 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37478824.
5485 CVE-2017-0666 682 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.
5486 CVE-2017-0665 20 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414.
5487 CVE-2017-0664 2017-07-06 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36491278.
5488 CVE-2017-0648 Exec Code 2017-06-14 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-36101220.
5489 CVE-2017-0637 119 Exec Code Overflow Mem. Corr. 2017-06-14 2017-07-08
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process.Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34064500.
5490 CVE-2017-0605 264 Exec Code 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the kernel trace subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399704. References: QC-CR#1048480.
5491 CVE-2017-0604 670 Exec Code 2017-05-12 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589.
5492 CVE-2017-0597 190 Exec Code +Priv 2017-05-12 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34749571.
5493 CVE-2017-0596 Exec Code +Priv 2017-05-12 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34749392.
5494 CVE-2017-0595 Exec Code +Priv 2017-05-12 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34705519.
5495 CVE-2017-0594 120 Exec Code +Priv 2017-05-12 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.
5496 CVE-2017-0593 732 Bypass 2017-05-12 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34114230.
5497 CVE-2017-0592 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34970788.
5498 CVE-2017-0591 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34097672.
5499 CVE-2017-0590 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35039946.
5500 CVE-2017-0589 119 Exec Code Overflow Mem. Corr. 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34897036.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.