cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
In Parse_data of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151096540
Max CVSS
8.8
Published
2020-12-15
Updated
2020-12-16
EPSS
0.11%
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731
Max CVSS
9.8
Published
2020-11-10
Updated
2022-04-26
EPSS
0.66%
In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9 Android-8.0 Android-8.1Android ID: A-158762825
Max CVSS
9.3
Published
2020-11-10
Updated
2020-11-10
EPSS
0.15%
In btm_sec_disconnected of btm_sec.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution in the Bluetooth server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-162497143
Max CVSS
9.3
Published
2020-11-10
Updated
2021-07-21
EPSS
0.12%
In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146398979
Max CVSS
10.0
Published
2020-09-17
Updated
2020-09-23
EPSS
0.10%
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143604331
Max CVSS
9.8
Published
2020-09-18
Updated
2020-09-24
EPSS
0.10%
In UrlQuerySanitizer, there is a possible improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-73822755
Max CVSS
9.8
Published
2020-09-17
Updated
2020-09-21
EPSS
0.10%
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155171907
Max CVSS
8.8
Published
2020-09-17
Updated
2021-07-21
EPSS
0.11%
In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148223229
Max CVSS
8.8
Published
2020-09-17
Updated
2021-07-21
EPSS
0.12%
In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-116718596
Max CVSS
8.8
Published
2020-09-17
Updated
2021-07-21
EPSS
0.11%
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!