Vulnerabilities > Google > Android > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-06 | CVE-2018-5864 | Out-of-bounds Read vulnerability in Google Android While processing a WMI_APFIND event in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read and information leak can potentially occur. | 2.1 |
| 2018-07-06 | CVE-2018-5865 | Integer Underflow (Wrap or Wraparound) vulnerability in Google Android While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur. | 2.1 |
| 2018-07-06 | CVE-2017-14872 | Out-of-bounds Read vulnerability in Google Android While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | 2.1 |
| 2018-07-06 | CVE-2017-14893 | Out-of-bounds Read vulnerability in Google Android While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | 2.1 |
| 2018-07-06 | CVE-2017-15824 | Missing Release of Resource after Effective Lifetime vulnerability in Google Android In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory. | 2.1 |
| 2018-07-06 | CVE-2018-5836 | Out-of-bounds Read vulnerability in Google Android In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access. | 2.1 |
| 2018-07-06 | CVE-2018-5895 | Out-of-bounds Read vulnerability in Google Android Buffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | 2.1 |
| 2018-06-12 | CVE-2018-3579 | Out-of-bounds Read vulnerability in Google Android In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read | 2.1 |
| 2018-06-11 | CVE-2016-9062 | Information Exposure vulnerability in Mozilla Firefox Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. | 2.1 |
| 2018-05-10 | CVE-2018-6254 | Information Exposure vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. | 2.1 |