CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13266
https://notcve.org/view.php?id=CVE-2017-13266
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2017-13272
https://notcve.org/view.php?id=CVE-2017-13272
In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-13265
https://notcve.org/view.php?id=CVE-2017-13265
A elevation of privilege vulnerability in the Android system (OTA updates). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-36232423. Vulnerabilidad de elevación de privilegios en el sistema de Android (actualizaciones OTA). • https://source.android.com/security/bulletin/pixel/2018-03-01 •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2017-13268
https://notcve.org/view.php?id=CVE-2017-13268
A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67058064. Existe una vulnerabilidad de divulgación de información en el sistema de Android (bluetooth). • https://source.android.com/security/bulletin/pixel/2018-03-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13254
https://notcve.org/view.php?id=CVE-2017-13254
A other vulnerability in the Android media framework (AACExtractor). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70239507. Vulnerabilidad no especificada en el media framework de Android (AACExtractor). • https://source.android.com/security/bulletin/pixel/2018-03-01 •