Vulnerabilities > Google > Android > 5.1.1

DATE CVE VULNERABILITY TITLE RISK
2018-01-12 CVE-2017-13208 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response.
network
low complexity
google CWE-119
critical
 9.8
9.8
2018-01-12 CVE-2017-13206 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (aacdec).
network
low complexity
google CWE-200
7.5
7.5
2018-01-12 CVE-2017-13202 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (libeffects).
network
low complexity
google CWE-200
7.5
7.5
2018-01-12 CVE-2017-13201 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (mediadrm).
network
low complexity
google CWE-200
7.5
7.5
2018-01-12 CVE-2017-13200 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization.
network
low complexity
google CWE-200
7.5
7.5
2018-01-12 CVE-2017-13198 Improper Input Validation vulnerability in Google Android
A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map.
network
low complexity
google CWE-20
7.5
7.5
2018-01-12 CVE-2017-13196 Missing Release of Resource after Effective Lifetime vulnerability in Google Android
In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks.
network
low complexity
google CWE-772
7.5
7.5
2018-01-12 CVE-2017-13195 Infinite Loop vulnerability in Google Android
In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop.
network
low complexity
google CWE-835
7.5
7.5
2018-01-12 CVE-2017-13194 Improper Input Validation vulnerability in multiple products
A vulnerability in the Android media framework (libvpx) related to odd frame width.
network
low complexity
google debian CWE-20
7.5
7.5
2018-01-12 CVE-2017-13193 Infinite Loop vulnerability in Google Android
In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported resolution resulting in the same sps being fed in over and over.
network
low complexity
google CWE-835
7.5
7.5