CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2851 CVE-2017-0762 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62214264.
2852 CVE-2017-0761 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381.
2853 CVE-2017-0760 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237396.
2854 CVE-2017-0759 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36715268.
2855 CVE-2017-0758 264 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492741.
2856 CVE-2017-0757 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815.
2857 CVE-2017-0756 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.
2858 CVE-2017-0755 264 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android libraries (libminikin). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-32178311.
2859 CVE-2017-0753 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744.
2860 CVE-2017-0752 264 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835.
2861 CVE-2017-0745 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296.
2862 CVE-2017-0723 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37968755.
2863 CVE-2017-0722 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37660827.
2864 CVE-2017-0721 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37561455.
2865 CVE-2017-0720 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37430213.
2866 CVE-2017-0719 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273673.
2867 CVE-2017-0718 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (mpeg2 decoder). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37273547.
2868 CVE-2017-0716 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37203196.
2869 CVE-2017-0715 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36998372.
2870 CVE-2017-0714 284 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492637.
2871 CVE-2017-0711 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the MediaTek networking driver. Product: Android. Versions: Android kernel. Android ID: A-36099953. References: M-ALPS03206781.
2872 CVE-2017-0703 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33123882.
2873 CVE-2017-0702 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36621442.
2874 CVE-2017-0701 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36385715.
2875 CVE-2017-0700 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android system ui. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-35639138.
2876 CVE-2017-0684 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35421151.
2877 CVE-2017-0683 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008.
2878 CVE-2017-0682 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36588422.
2879 CVE-2017-0681 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566.
2880 CVE-2017-0680 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37008096.
2881 CVE-2017-0679 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978.
2882 CVE-2017-0678 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151.
2883 CVE-2017-0677 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074.
2884 CVE-2017-0676 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431.
2885 CVE-2017-0675 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227.
2886 CVE-2017-0674 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231163.
2887 CVE-2017-0673 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623.
2888 CVE-2017-0671 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.
2889 CVE-2017-0667 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37478824.
2890 CVE-2017-0666 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.
2891 CVE-2017-0665 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414.
2892 CVE-2017-0664 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36491278.
2893 CVE-2017-0648 264 Exec Code 2017-06-14 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-36101220.
2894 CVE-2017-0637 119 Exec Code Overflow Mem. Corr. 2017-06-14 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process.Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34064500.
2895 CVE-2017-0605 264 Exec Code 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the kernel trace subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399704. References: QC-CR#1048480.
2896 CVE-2017-0604 264 Exec Code 2017-05-12 2017-05-24
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589.
2897 CVE-2017-0597 264 Exec Code +Priv 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34749571.
2898 CVE-2017-0596 264 Exec Code +Priv 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34749392.
2899 CVE-2017-0595 264 Exec Code +Priv 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34705519.
2900 CVE-2017-0594 264 Exec Code +Priv 2017-05-12 2017-05-19
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.