Page 94 of 1805 results (0.007 seconds)

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after free that can result in an out of bounds read of memory allocated via malloc. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-125: Out-of-bounds Read •

CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0

In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. • http://www.securityfocus.com/bid/103253 https://source.android.com/security/bulletin/2018-03-01 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

A elevation of privilege vulnerability in the Android system (OTA updates). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-36232423. Vulnerabilidad de elevación de privilegios en el sistema de Android (actualizaciones OTA). • https://source.android.com/security/bulletin/pixel/2018-03-01 •