Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-19 CVE-2018-9369 Unspecified vulnerability in Google Android
In bootloader there is fastboot command allowing user specified kernel command line arguments.
local
low complexity
google
7.3
2024-11-19 CVE-2018-9370 Out-of-bounds Write vulnerability in Google Android
In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check.
local
low complexity
google CWE-787
7.3
2024-11-19 CVE-2018-9339 Type Confusion vulnerability in Google Android 8.0/8.1
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion.
local
low complexity
google CWE-843
7.8
2024-11-19 CVE-2018-9341 Out-of-bounds Write vulnerability in Google Android
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check.
local
low complexity
google CWE-787
7.8
2024-11-19 CVE-2018-9344 Improper Locking vulnerability in Google Android 8.1
In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking.
local
low complexity
google CWE-667
7.8
2024-11-19 CVE-2017-13315 Incorrect Calculation of Buffer Size vulnerability in Google Android
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch.
local
low complexity
google CWE-131
7.8
2024-11-19 CVE-2018-9338 Out-of-bounds Write vulnerability in Google Android
In ResStringPool::setTo of ResourceTypes.cpp, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
2024-11-19 CVE-2023-21270 Incorrect Authorization vulnerability in Google Android 12.0/12.1/13.0
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update.
local
low complexity
google CWE-863
7.8
2024-11-15 CVE-2017-13310 Incorrect Default Permissions vulnerability in Google Android
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass.
local
low complexity
google CWE-276
7.8
2024-11-15 CVE-2017-13312 Unspecified vulnerability in Google Android 8.0
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation.
local
low complexity
google
7.8