Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-11 | CVE-2018-12011 | Use of Uninitialized Resource vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Uninitialized data for socket address leads to information exposure. | 5.5 |
| 2019-02-11 | CVE-2018-12006 | Information Exposure vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Users with no extra privileges can potentially access leaked data due to uninitialized padding present in display function. | 5.5 |
| 2018-12-07 | CVE-2018-9519 | Race Condition vulnerability in Google Android In easelcomm_hw_build_scatterlist, there is a possible out of bounds write due to a race condition. | 6.4 |
| 2018-12-07 | CVE-2018-9517 | Use After Free vulnerability in Google Android In pppol2tp_connect, there is possible memory corruption due to a use after free. | 6.7 |
| 2018-12-07 | CVE-2017-15835 | Infinite Loop vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, While processing the RIC Data Descriptor IE in an artificially crafted 802.11 frame with IE length more than 255, an infinite loop may potentially occur resulting in a denial of service. | 6.5 |
| 2018-12-06 | CVE-2018-9566 | Out-of-bounds Read vulnerability in Google Android In process_service_search_rsp of sdp_discovery.c, there is a possible out of bounds read due to a missing bounds check. | 5.7 |
| 2018-12-06 | CVE-2018-9554 | Information Exposure vulnerability in Google Android In dumpExtractors of IMediaExtractor.cp, there is a possible disclosure of recently accessed media files due to a permissions bypass. | 5.5 |
| 2018-12-06 | CVE-2018-9552 | Out-of-bounds Write vulnerability in Google Android In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out of bounds write due to missing bounds check. | 5.5 |
| 2018-12-06 | CVE-2018-9548 | Missing Authorization vulnerability in Google Android In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. | 5.5 |
| 2018-11-27 | CVE-2018-11946 | Unspecified vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, the UPnP daemon should not be running out of box because it enables port forwarding without authentication. low complexity google | 6.5 |