CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
651 CVE-2017-0694 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37093318.
652 CVE-2017-0693 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36993291.
653 CVE-2017-0692 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407.
654 CVE-2017-0691 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36724453.
655 CVE-2017-0690 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202.
656 CVE-2017-0689 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36215950.
657 CVE-2017-0688 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35584425.
658 CVE-2017-0687 284 DoS 2017-08-18 2017-08-21
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35583675.
659 CVE-2017-0686 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231231.
660 CVE-2017-0685 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34203195.
661 CVE-2017-0684 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35421151.
662 CVE-2017-0683 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008.
663 CVE-2017-0682 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36588422.
664 CVE-2017-0681 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566.
665 CVE-2017-0680 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37008096.
666 CVE-2017-0679 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36996978.
667 CVE-2017-0678 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151.
668 CVE-2017-0677 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36035074.
669 CVE-2017-0676 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34896431.
670 CVE-2017-0675 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34779227.
671 CVE-2017-0674 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34231163.
672 CVE-2017-0673 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33974623.
673 CVE-2017-0672 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578.
674 CVE-2017-0671 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.
675 CVE-2017-0670 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36104177.
676 CVE-2017-0669 200 +Info 2017-07-06 2017-07-11
4.3
None Remote Medium Not required Partial None None
A information disclosure vulnerability in the Android framework. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34114752.
677 CVE-2017-0668 200 +Info 2017-07-06 2017-07-11
4.3
None Remote Medium Not required Partial None None
A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579.
678 CVE-2017-0667 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37478824.
679 CVE-2017-0666 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.
680 CVE-2017-0665 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414.
681 CVE-2017-0664 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36491278.
682 CVE-2017-0663 284 Exec Code 2017-06-14 2017-11-10
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.
683 CVE-2017-0649 264 Exec Code 2017-06-14 2017-07-07
7.6
None Remote High Not required Complete Complete Complete
An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability specific details which limit the impact of the issue. Product: Android. Versions: N/A. Android ID: A-34468195. References: M-ALPS03162283.
684 CVE-2017-0647 200 +Info 2017-06-14 2017-07-07
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36392138.
685 CVE-2017-0646 200 +Info 2017-06-14 2017-07-07
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337.
686 CVE-2017-0645 200 Bypass +Info 2017-06-14 2017-07-07
4.3
None Remote Medium Not required Partial None None
An elevation of privilege vulnerability in Bluetooth could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35385327.
687 CVE-2017-0644 264 DoS 2017-06-14 2017-07-07
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-35472997.
688 CVE-2017-0643 264 DoS 2017-06-14 2017-07-07
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-35645051.
689 CVE-2017-0642 264 DoS 2017-06-14 2017-07-07
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34819017.
690 CVE-2017-0641 264 DoS 2017-06-14 2017-07-07
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.
691 CVE-2017-0640 264 DoS 2017-06-14 2017-07-07
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33129467.
692 CVE-2017-0639 200 Bypass +Info 2017-06-14 2017-07-07
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35310991.
693 CVE-2017-0638 284 Exec Code 2017-06-14 2017-07-07
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in System UI component could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High because it is a remote arbitrary code execution in an unprivileged process. Product: Android. Versions: 7.1.1, 7.1.2. Android ID: A-36368305.
694 CVE-2017-0637 119 Exec Code Overflow Mem. Corr. 2017-06-14 2017-07-07
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process.Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34064500.
695 CVE-2017-0636 264 Exec Code 2017-06-14 2017-07-07
7.6
None Remote High Not required Complete Complete Complete
An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35310230. References: M-ALPS03162263.
696 CVE-2017-0635 399 DoS 2017-05-12 2017-05-19
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-35467107.
697 CVE-2017-0625 200 +Info 2017-05-12 2017-05-24
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-35142799. References: M-ALPS03161531.
698 CVE-2017-0620 264 Exec Code 2017-05-12 2017-05-19
7.6
None Remote High Not required Complete Complete Complete
An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35401052. References: QC-CR#1081711.
699 CVE-2017-0619 264 Exec Code 2017-05-12 2017-05-19
7.6
None Remote High Not required Complete Complete Complete
An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. References: QC-CR#826566.
700 CVE-2017-0618 264 Exec Code 2017-05-12 2017-05-24
7.6
None Remote High Not required Complete Complete Complete
An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35100728. References: M-ALPS03161536.
Total number of vulnerabilities : 891   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 (This Page)15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.