CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13229
https://notcve.org/view.php?id=CVE-2017-13229
A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703. Existe una vulnerabilidad de ejecución remota de código en el media framework de Android (n/a). • http://www.securityfocus.com/bid/103016 https://source.android.com/security/bulletin/pixel/2018-02-01 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13242
https://notcve.org/view.php?id=CVE-2017-13242
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248. Existe una vulnerabilidad de divulgación de información en el sistema de Android (bluetooth). • http://www.securityfocus.com/bid/103014 https://source.android.com/security/bulletin/pixel/2018-02-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13232
https://notcve.org/view.php?id=CVE-2017-13232
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/102976 https://source.android.com/security/bulletin/2018-02-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13241
https://notcve.org/view.php?id=CVE-2017-13241
A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651. Existe una vulnerabilidad de revelación de información en el media framework de Android (libstagefright_soft_avcenc). • http://www.securityfocus.com/bid/103017 https://source.android.com/security/bulletin/pixel/2018-02-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13228
https://notcve.org/view.php?id=CVE-2017-13228
In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/102976 https://source.android.com/security/bulletin/2018-02-01 • CWE-787: Out-of-bounds Write •