Vulnerabilities > Google > Android > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-30 | CVE-2017-14876 | Out-of-bounds Write vulnerability in Google Android In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write. | 9.8 |
| 2018-03-30 | CVE-2017-14877 | Use After Free vulnerability in Google Android While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. | 9.8 |
| 2018-03-30 | CVE-2017-14881 | Use After Free vulnerability in Google Android While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur. | 9.8 |
| 2018-03-30 | CVE-2017-14883 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then the computation performed using this variable to calculate stats_registers_len may overflow to a smaller value leading to less than required memory allocated for power_stats_results and potentially a buffer overflow while copying the FW buffer to local buffer. | 9.8 |
| 2018-03-30 | CVE-2017-17766 | Integer Overflow or Wraparound vulnerability in Google Android In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow. | 9.8 |
| 2018-03-30 | CVE-2017-11010 | Unspecified vulnerability in Google Android In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected. | 9.8 |
| 2018-03-30 | CVE-2017-14906 | Unspecified vulnerability in Google Android In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, PKCS7 padding is not supported by the crypto storage APIs. | 9.8 |
| 2018-03-27 | CVE-2014-4959 | SQL Injection vulnerability in Google Android **DISPUTED** SQL injection vulnerability in SQLiteDatabase.java in the SQLi Api in Android allows remote attackers to execute arbitrary SQL commands via the delete method. | 9.8 |
| 2018-03-15 | CVE-2016-10393 | Integer Overflow or Wraparound vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. | 9.8 |
| 2018-03-15 | CVE-2017-15815 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame. | 9.8 |