Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-06 | CVE-2017-6284 | Inadequate Encryption Strength vulnerability in multiple products NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate. | 5.5 |
| 2018-03-06 | CVE-2017-6283 | Information Exposure vulnerability in multiple products NVIDIA Security Engine contains a vulnerability in the RSA function where the keyslot read/write lock permissions are cleared on a chip reset which may lead to information disclosure. | 5.5 |
| 2018-03-06 | CVE-2017-6282 | Write-what-where Condition vulnerability in multiple products NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. | 7.8 |
| 2018-03-06 | CVE-2017-6280 | Out-of-bounds Read vulnerability in Google Android NVIDIA driver contains a possible out-of-bounds read vulnerability due to a leak which may lead to information disclosure. | 7.5 |
| 2018-02-23 | CVE-2017-17767 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer. | 7.8 |
| 2018-02-23 | CVE-2017-17765 | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to integer overflow leading to buffer overflow. | 7.8 |
| 2018-02-23 | CVE-2017-17764 | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calculation may potentially lead to a buffer overflow. | 7.8 |
| 2018-02-23 | CVE-2017-15862 | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow. | 7.8 |
| 2018-02-23 | CVE-2017-15861 | Improper Validation of Array Index vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation. | 7.8 |
| 2018-02-23 | CVE-2017-15860 | Type Confusion vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur. | 7.8 |