Vulnerabilities > Google > Android > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-15 | CVE-2017-18067 | Improper Input Validation vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation while processing an encrypted authentication management frame in lim_send_auth_mgmt_frame() leads to buffer overflow. | 9.8 |
| 2018-02-19 | CVE-2017-7375 | XXE vulnerability in multiple products A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). | 9.8 |
| 2018-02-19 | CVE-2017-7376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. | 9.8 |
| 2018-02-12 | CVE-2017-13229 | Improper Input Validation vulnerability in Google Android A remote code execution vulnerability in the Android media framework (n/a). | 9.8 |
| 2018-01-12 | CVE-2017-13177 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In several functions of libhevc, NEON registers are not preserved. | 9.8 |
| 2018-01-12 | CVE-2017-13178 | Use After Free vulnerability in Google Android In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. | 9.8 |
| 2018-01-12 | CVE-2017-13179 | Use After Free vulnerability in Google Android In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. | 9.8 |
| 2018-01-12 | CVE-2017-13185 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libhevc). | 9.1 |
| 2018-01-12 | CVE-2017-13187 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libhevc). | 9.1 |
| 2018-01-12 | CVE-2017-13188 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (aac). | 9.1 |