Vulnerabilities > Google > Android > 5.1.1

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2017-13262 Out-of-bounds Read vulnerability in Google Android
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing length decrement operation.
low complexity
google CWE-125
6.5
6.5
2018-04-04 CVE-2017-13261 Out-of-bounds Read vulnerability in Google Android
In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2018-04-04 CVE-2017-13260 Out-of-bounds Read vulnerability in Google Android
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2018-04-04 CVE-2017-13259 Out-of-bounds Read vulnerability in Google Android
In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks.
network
low complexity
google CWE-125
7.5
7.5
2018-04-04 CVE-2017-13258 Out-of-bounds Read vulnerability in Google Android
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2018-04-04 CVE-2017-13257 Use After Free vulnerability in Google Android
In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after free that can result in an out of bounds read of memory allocated via malloc.
network
low complexity
google CWE-416
6.5
6.5
2018-04-04 CVE-2017-13256 Out-of-bounds Write vulnerability in Google Android
In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check.
low complexity
google CWE-787
8.8
8.8
2018-04-04 CVE-2017-13255 Out-of-bounds Write vulnerability in Google Android
In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check.
low complexity
google CWE-787
8.8
8.8
2018-02-19 CVE-2017-7376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
network
low complexity
xmlsoft google debian CWE-119
critical
 9.8
9.8
2018-02-19 CVE-2017-7375 XXE vulnerability in multiple products
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes).
network
low complexity
xmlsoft debian google CWE-611
critical
 9.8
9.8