Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2017-13200

    An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13199

    In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User ... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13198

    A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68399117.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13197

    In the ihevcd_parse_slice.c function, slave threads are not joined if there is an error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploita... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13196

    In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User intera... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13195

    In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system process wi... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13194

    A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201.... Read more

    Affected Products : android debian_linux
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13193

    In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported resolution resulting in the same sps being fed in over and over. This could lead to a remote denial of service of a critical system process with no additional exec... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13192

    In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop. This could lead to a remote denial of service of a critical system process with no additional executio... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13191

    In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is no... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13190

    A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13189

    A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68300072.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2017-13188

    An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65280786.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2017-13187

    An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13186

    A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65735716.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2017-13185

    An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65123471.... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13184

    In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2017-13183

    In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. This could lead to a local elevation of privilege enabling c... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13182

    In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution pri... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-13181

    In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code execution as a privileged process with no additional execut... Read more

    Affected Products : android
    • Published: Jan. 12, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292767 Results