Vulnerabilities > Google > Android > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-18 | CVE-2018-11296 | Out-of-bounds Write vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur. | 7.2 |
2018-09-18 | CVE-2018-11295 | Out-of-bounds Write vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host . | 7.2 |
2018-09-18 | CVE-2018-11281 | Use After Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. | 7.2 |
2018-09-18 | CVE-2018-11274 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow may occur when payload size is extremely large. | 7.2 |
2018-09-18 | CVE-2017-15818 | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size. | 7.2 |
2018-09-04 | CVE-2018-11262 | Incorrect Calculation vulnerability in Google Android In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT. | 7.2 |
2018-08-17 | CVE-2018-15482 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. | 7.5 |
2018-08-17 | CVE-2018-14982 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS application. | 7.5 |
2018-08-17 | CVE-2018-14981 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI application intents. | 7.5 |
2018-07-15 | CVE-2018-14066 | SQL Injection vulnerability in Google Android 6.0/7.0 The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. | 7.5 |