Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-01-12 CVE-2017-13205 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (libmpeg2).
network
low complexity
google CWE-200
critical
 9.1
9.1
2018-01-12 CVE-2017-13208 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response.
network
low complexity
google CWE-119
critical
 9.8
9.8
2018-01-10 CVE-2017-11079 Information Exposure vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size.
network
low complexity
google CWE-200
critical
 9.8
9.8
2017-12-06 CVE-2017-0879 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (n/a).
network
low complexity
google CWE-200
critical
 9.1
9.1
2017-12-06 CVE-2017-13149 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (n/a).
network
low complexity
google CWE-200
critical
 9.1
9.1
2017-12-06 CVE-2017-13150 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android media framework (n/a).
network
low complexity
google CWE-200
critical
 9.1
9.1
2017-12-06 CVE-2017-13160 Out-of-bounds Read vulnerability in Google Android
A remote code execution vulnerability in the Android system (bluetooth).
network
low complexity
google CWE-125
critical
 9.8
9.8
2017-12-05 CVE-2017-11005 Use After Free vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during a deinitialization path.
network
low complexity
google CWE-416
critical
 9.8
9.8
2017-12-05 CVE-2017-11006 Use After Free vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during positioning.
network
low complexity
google CWE-416
critical
 9.8
9.8
2017-12-05 CVE-2017-14908 Improper Input Validation vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to verify.
network
low complexity
google CWE-20
critical
 9.8
9.8