Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-17 | CVE-2017-15855 | Improper Validation of Array Index vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. | 7.8 |
| 2018-05-10 | CVE-2017-6293 | Out-of-bounds Write vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Tegra X1 TZ contains a vulnerability in Widevine TA where the software writes data past the end, or before the beginning, of the intended buffer, which may lead to escalation of Privileges. | 7.8 |
| 2018-05-10 | CVE-2017-6289 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. | 7.8 |
| 2018-05-02 | CVE-2013-6272 | Improper Access Control vulnerability in Google Android The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application. | 7.8 |
| 2018-04-20 | CVE-2014-0900 | Improper Input Validation vulnerability in Google Android The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure. | 8.8 |
| 2018-04-05 | CVE-2017-0431 | Unspecified vulnerability in Google Android An elevation of privilege vulnerability in Qualcomm closed source components. | 7.8 |
| 2018-04-05 | CVE-2016-8482 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the NVIDIA GPU driver. | 7.8 |
| 2018-04-05 | CVE-2015-9016 | Race Condition vulnerability in Google Android In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. | 7.0 |
| 2018-04-04 | CVE-2017-6424 | Unspecified vulnerability in Google Android An elevation of privilege vulnerability in the Qualcomm WiFi driver. | 7.0 |
| 2018-04-04 | CVE-2017-6423 | Unspecified vulnerability in Google Android An elevation of privilege vulnerability in the Qualcomm kyro L2 driver. | 7.0 |