CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13298
https://notcve.org/view.php?id=CVE-2017-13298
A information disclosure vulnerability in the Android media framework (libhavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-72117051. Existe una vulnerabilidad de revelación de información en el media framework de Android (libhavc). • https://source.android.com/security/bulletin/pixel/2018-04-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2017-13283
https://notcve.org/view.php?id=CVE-2017-13283
In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/105482 https://source.android.com/security/bulletin/2018-04-01 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13274
https://notcve.org/view.php?id=CVE-2017-13274
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • https://source.android.com/security/bulletin/2018-04-01 • CWE-346: Origin Validation Error •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13299
https://notcve.org/view.php?id=CVE-2017-13299
A other vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70897394. Vulnerabilidad no especificada en el media framework de Android (libhavc). • https://source.android.com/security/bulletin/pixel/2018-04-01 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 2CVE-2017-13261 – Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-13261
In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • https://www.exploit-db.com/exploits/44327 https://www.exploit-db.com/exploits/44326 http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-125: Out-of-bounds Read •