Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-16 | CVE-2017-0848 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libeffects). | 5.3 |
| 2017-11-16 | CVE-2017-11022 | Information Exposure vulnerability in Google Android In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. | 5.3 |
| 2017-10-10 | CVE-2017-11063 | NULL Pointer Dereference vulnerability in Google Android 8.0 In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur. | 5.9 |
| 2017-10-04 | CVE-2017-0816 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libeffects). | 5.5 |
| 2017-10-04 | CVE-2017-0815 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libeffects). | 5.5 |
| 2017-09-28 | CVE-2015-1526 | Integer Overflow or Wraparound vulnerability in Google Android The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. | 5.5 |
| 2017-09-21 | CVE-2017-9676 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock. | 4.7 |
| 2017-09-21 | CVE-2017-8281 | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. | 4.7 |
| 2017-09-21 | CVE-2017-11040 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to. | 5.5 |
| 2017-09-21 | CVE-2017-11002 | Out-of-bounds Read vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur. | 5.5 |