Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-11 | CVE-2018-9582 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 8.0/8.1/9.0 In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the unknown source warning due to a confused deputy scenario. | 7.8 |
| 2019-02-11 | CVE-2018-13893 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Out of bound mask range access caused by using possible old value of msg mask table count while copying masks to userspace. | 7.8 |
| 2019-02-11 | CVE-2018-13889 | Use After Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed | 7.8 |
| 2019-02-11 | CVE-2018-12014 | Use After Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Null pointer dereference vulnerability may occur due to missing NULL assignment in NAT module of freed pointer. | 7.8 |
| 2019-02-11 | CVE-2018-12010 | Out-of-bounds Write vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Absence of length sanity check may lead to possible stack overflow resulting in memory corruption in trustzone region. | 7.8 |
| 2019-02-11 | CVE-2018-11962 | Use After Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory. | 7.8 |
| 2019-01-31 | CVE-2018-6241 | Improper Input Validation vulnerability in Google Android NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. | 7.8 |
| 2018-12-20 | CVE-2018-11988 | Use After Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Un-trusted pointer de-reference issue by accessing a variable which is already freed. | 7.8 |
| 2018-12-20 | CVE-2018-11987 | Double Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic. | 7.8 |
| 2018-12-20 | CVE-2018-11986 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver. | 7.8 |