Vulnerabilities > Google > Android > 2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-30 | CVE-2018-15835 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Android 1.0 through 9.0 has Insecure Permissions. | 7.5 |
| 2018-07-06 | CVE-2018-5907 | Integer Overflow or Wraparound vulnerability in Google Android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-07-06 | CVE-2018-11304 | Integer Overflow or Wraparound vulnerability in Google Android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-05-10 | CVE-2018-6254 | Out-of-bounds Read vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. | 3.3 |
| 2018-05-10 | CVE-2018-6246 | Information Exposure vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. | 5.3 |
| 2018-04-20 | CVE-2014-0900 | Improper Input Validation vulnerability in Google Android The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure. | 8.8 |
| 2017-12-28 | CVE-2015-7889 | Permission Issues vulnerability in Google Android The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | 5.5 |
| 2017-10-18 | CVE-2014-3164 | NULL Pointer Dereference vulnerability in Google Android cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths. | 7.5 |
| 2017-09-28 | CVE-2015-1537 | Integer Overflow or Wraparound vulnerability in Google Android Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. | 7.8 |
| 2017-09-28 | CVE-2015-1526 | Integer Overflow or Wraparound vulnerability in Google Android The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. | 5.5 |