CVE-2021-0687

MEDIUM Year: 2021
CVSS v3 Score
5.0
Medium
CVSS v2 Score
1.9
Low
Weakness Type
CWE-834
View all →

Vulnerability Description

In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-188913943

Related Vulnerabilities

CVE-2018-5252

MEDIUM
CVSS:5.3(Medium)

libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the get_raw_sample_int function in imagew-main.c.

CWE-8342018

CVE-2019-9547

MEDIUM
CVSS:5.3(Medium)

In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial denial...

CWE-8342019

CVE-2017-0775

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673179.

CWE-8342017

CVE-2017-11549

MEDIUM
CVSS:5.5(Medium)

The play_midi function in playmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mid file. NOTE: CPU consumption might be r...

CWE-8342017

CVE-2017-13279

MEDIUM
CVSS:5.5(Medium)

In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution...

CWE-8342017

CVE-2017-9253

MEDIUM
CVSS:5.5(Medium)

The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a craf...

CWE-8342017