Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-9525 | Unspecified vulnerability in Google Android 9.0 In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. | 7.8 |
| 2018-11-14 | CVE-2018-9524 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In functionality implemented in System UI, there are insufficient protections implemented around overlay windows. | 7.8 |
| 2018-11-14 | CVE-2018-9523 | Improper Input Validation vulnerability in Google Android In Parcel.writeMapInternal of Parcel.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. | 7.8 |
| 2018-11-14 | CVE-2018-9522 | Out-of-bounds Write vulnerability in Google Android 9.0 In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. | 7.8 |
| 2018-11-14 | CVE-2018-9521 | Out-of-bounds Write vulnerability in Google Android 9.0 In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. | 8.8 |
| 2018-11-06 | CVE-2018-9516 | Out-of-bounds Write vulnerability in multiple products In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2018-11-06 | CVE-2018-9489 | Information Exposure vulnerability in Google Android When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. | 7.5 |
| 2018-11-06 | CVE-2018-9488 | Incorrect Authorization vulnerability in Google Android 8.0/8.1/9.0 In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. | 7.8 |
| 2018-11-06 | CVE-2018-9465 | Use After Free vulnerability in Google Android In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. | 7.8 |
| 2018-11-06 | CVE-2018-9459 | Path Traversal vulnerability in Google Android In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. | 8.8 |