Vulnerabilities > Google > Android > 6.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2017-13280 | Out-of-bounds Read vulnerability in Google Android In the FrameSequence_gif::FrameSequence_gif function of libframesequence, there is a out of bounds read due to a missing bounds check. | 7.5 |
| 2018-04-04 | CVE-2017-13279 | Excessive Iteration vulnerability in Google Android In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. | 5.5 |
| 2018-04-04 | CVE-2017-13278 | Use After Free vulnerability in Google Android In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there is a possible use after free. | 7.8 |
| 2018-04-04 | CVE-2017-13277 | Out-of-bounds Write vulnerability in Google Android In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2018-04-04 | CVE-2017-13276 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible stack buffer overflow due to a missing bounds check. | 7.8 |
| 2018-04-04 | CVE-2017-13274 | Origin Validation Error vulnerability in Google Android In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. | 9.8 |
| 2018-04-04 | CVE-2017-13267 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check. | 9.8 |
| 2018-02-19 | CVE-2017-7376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. | 9.8 |
| 2018-02-19 | CVE-2017-7375 | XXE vulnerability in multiple products A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). | 9.8 |
| 2018-02-12 | CVE-2017-13243 | Information Exposure vulnerability in Google Android A information disclosure vulnerability in the Android system (ui). | 7.5 |