Vulnerabilities > Google > Android > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2017-13282 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check. | 9.8 |
| 2018-04-04 | CVE-2017-13283 | Out-of-bounds Write vulnerability in Google Android In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check. | 9.8 |
| 2018-04-04 | CVE-2017-13284 | Improper Input Validation vulnerability in Google Android In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation. | 9.8 |
| 2018-04-04 | CVE-2017-13285 | Out-of-bounds Write vulnerability in Google Android In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer. | 9.8 |
| 2018-04-04 | CVE-2017-13292 | Out-of-bounds Write vulnerability in Google Android In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of bounds write due to an incorrect bounds check. | 9.8 |
| 2018-04-03 | CVE-2017-18147 | Improper Input Validation vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated. | 9.8 |
| 2018-04-03 | CVE-2018-3596 | Unspecified vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, legacy code vulnerable after migration has been removed. | 9.8 |
| 2018-04-03 | CVE-2018-3599 | Use After Free vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while notifying a DCI client, a Use After Free condition can occur. | 9.8 |
| 2018-03-30 | CVE-2017-14876 | Out-of-bounds Write vulnerability in Google Android In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write. | 9.8 |
| 2018-03-30 | CVE-2017-14877 | Use After Free vulnerability in Google Android While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. | 9.8 |