CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android » 4.4.4 : Security Vulnerabilities

Cpe Name:cpe:/o:google:android:4.4.4
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-14496 191 DoS 2017-10-02 2018-05-10
7.8
None Remote Low Not required None None Complete
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
2 CVE-2017-7376 119 Exec Code Overflow 2018-02-19 2018-03-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
3 CVE-2017-7375 611 2018-02-19 2018-03-18
7.5
None Remote Low Not required Partial Partial Partial
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).
4 CVE-2017-0823 200 +Info 2017-10-03 2017-10-12
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655.
5 CVE-2017-0820 399 2017-10-03 2017-10-12
7.8
None Remote Low Not required None None Complete
A vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62187433.
6 CVE-2017-0817 200 +Info 2017-10-03 2017-10-12
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430.
7 CVE-2017-0816 200 +Info 2017-10-03 2017-10-12
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63662938.
8 CVE-2017-0815 200 +Info 2017-10-03 2017-10-12
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567.
9 CVE-2017-0814 284 2017-10-03 2017-10-12
7.8
None Remote Low Not required None None Complete
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62800140.
10 CVE-2017-0809 284 Exec Code 2017-10-03 2017-10-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128.
11 CVE-2017-0807 264 2017-10-03 2017-12-12
10.0
None Remote Low Not required Complete Complete Complete
An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.
12 CVE-2017-0805 264 2017-08-23 2017-08-25
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237701.
13 CVE-2017-0785 200 +Info 2017-09-14 2018-07-27
3.3
None Local Network Low Not required Partial None None
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698.
14 CVE-2017-0783 200 +Info 2017-09-14 2018-01-18
6.1
None Local Network Low Not required Complete None None
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63145701.
15 CVE-2017-0782 284 Exec Code 2017-09-14 2018-01-18
8.3
None Local Network Low Not required Complete Complete Complete
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.
16 CVE-2017-0781 284 Exec Code 2017-09-14 2018-04-08
8.3
None Local Network Low Not required Complete Complete Complete
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105.
17 CVE-2017-0779 200 +Info 2017-09-08 2017-09-15
4.3
None Remote Medium Not required Partial None None
A information disclosure vulnerability in the Android media framework (audioflinger). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-38340117.
18 CVE-2017-0777 200 +Info 2017-09-08 2017-09-15
4.3
None Remote Medium Not required None None Partial
A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-38342499.
19 CVE-2017-0775 284 DoS 2017-09-08 2017-09-15
7.1
None Remote Medium Not required None None Complete
A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673179.
20 CVE-2017-0774 284 DoS 2017-09-08 2017-09-15
7.1
None Remote Medium Not required None None Complete
A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.
21 CVE-2017-0770 264 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android media framework (libmediaplayerservice). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38234812.
22 CVE-2017-0768 264 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62019992.
23 CVE-2017-0767 264 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.
24 CVE-2017-0766 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libjhead). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37776688.
25 CVE-2017-0764 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libvorbis). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872015.
26 CVE-2017-0756 284 Exec Code 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073.
27 CVE-2017-0752 264 2017-09-08 2017-09-15
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835.
28 CVE-2017-0745 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296.
29 CVE-2017-0738 264 2017-08-09 2017-08-15
4.3
None Remote Medium Not required Partial None None
A information disclosure vulnerability in the Android media framework (audioserver). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563371.
30 CVE-2017-0737 264 2017-08-09 2018-06-27
6.8
None Remote Medium Not required Partial Partial Partial
A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563942.
31 CVE-2017-0731 264 2017-08-09 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36075363.
32 CVE-2017-0726 264 DoS 2017-08-09 2017-08-15
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36389123.
33 CVE-2017-0722 264 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37660827.
34 CVE-2017-0714 284 Exec Code 2017-08-09 2017-08-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework (h263 decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492637.
35 CVE-2017-0713 284 Exec Code 2017-08-09 2017-08-15
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in the Android libraries (sfntly). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-32096780.
36 CVE-2017-0703 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33123882.
37 CVE-2017-0697 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37239013.
38 CVE-2017-0694 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37093318.
39 CVE-2017-0692 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407.
40 CVE-2017-0690 264 DoS 2017-07-06 2017-07-11
4.3
None Remote Medium Not required None None Partial
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36592202.
41 CVE-2017-0681 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566.
42 CVE-2017-0671 264 Exec Code 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in the Android libraries. Product: Android. Versions: 4.4.4. Android ID: A-34514762.
43 CVE-2017-0668 200 +Info 2017-07-06 2017-07-11
4.3
None Remote Medium Not required Partial None None
A information disclosure vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-22011579.
44 CVE-2017-0666 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37285689.
45 CVE-2017-0665 264 2017-07-06 2017-07-12
9.3
None Remote Medium Not required Complete Complete Complete
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36991414.
46 CVE-2017-0663 284 Exec Code 2017-06-14 2017-11-10
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.
47 CVE-2017-0646 200 +Info 2017-06-14 2017-07-07
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-33899337.
48 CVE-2017-0644 264 DoS 2017-06-14 2017-07-07
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1. Android ID: A-35472997.
49 CVE-2017-0641 264 DoS 2017-06-14 2017-07-07
7.1
None Remote Medium Not required None None Complete
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.
50 CVE-2017-0603 399 DoS 2017-05-12 2017-05-19
5.4
None Remote High Not required None None Complete
A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35763994.
Total number of vulnerabilities : 124   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.