Vulnerabilities > Google > Android > 4.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-07 | CVE-2017-0554 | Missing Authorization vulnerability in Google Android An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. | 6.8 |
| 2017-04-07 | CVE-2017-0547 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. | 4.3 |
| 2017-04-07 | CVE-2017-0546 | NULL Pointer Dereference vulnerability in Google Android An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 |
| 2017-04-07 | CVE-2017-0544 | Operation on a Resource after Expiration or Release vulnerability in Google Android An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. | 9.3 |
| 2017-04-07 | CVE-2017-0541 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 |
| 2017-04-06 | CVE-2016-5349 | Information Exposure vulnerability in Google Android The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. | 4.3 |
| 2017-04-04 | CVE-2016-10229 | Improperly Implemented Security Check for Standard vulnerability in multiple products udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. | 9.8 |
| 2017-04-04 | CVE-2014-9922 | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | 9.3 |
| 2017-03-08 | CVE-2017-0532 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. | 2.6 |
| 2017-03-08 | CVE-2017-0529 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. | 4.3 |