Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 5.0.2  Security Vulnerabilities
CVE-2017-7375
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).
CVSS Score
9.8
EPSS Score
0.003
Published
2018-02-19
CVE-2017-7376
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
CVSS Score
9.8
EPSS Score
0.384
Published
2018-02-19
CVE-2015-7889
The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent.
CVSS Score
5.5
EPSS Score
0.024
Published
2017-12-28
CVE-2017-0851
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-35430570.
CVSS Score
5.3
EPSS Score
0.001
Published
2017-11-16
CVE-2017-0852
A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506.
CVSS Score
7.5
EPSS Score
0.001
Published
2017-11-16
CVE-2017-0860
An elevation of privilege vulnerability in the Android system (inputdispatcher). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-31097064.
CVSS Score
5.3
EPSS Score
0.0
Published
2017-11-16
CVE-2017-0862
An elevation of privilege vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-36006779.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-11-16
CVE-2017-0863
An elevation of privilege vulnerability in the Upstream kernel video driver. Product: Android. Versions: Android kernel. Android ID: A-37950620.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-11-16
CVE-2017-0864
An elevation of privilege vulnerability in the MediaTek ioctl (flashlight). Product: Android. Versions: Android kernel. Android ID: A-37277147. References: M-ALPS03394571.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-11-16
CVE-2017-0865
An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-65025090. References: M-ALPS02973195.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-11-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved