Vulnerabilities > Google > Android > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-19 CVE-2018-9340 Out-of-bounds Read vulnerability in Google Android
In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.
local
low complexity
google CWE-125
5.5
2024-11-19 CVE-2018-9345 Use of Uninitialized Resource vulnerability in Google Android
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data.
local
low complexity
google CWE-908
5.5
2024-11-19 CVE-2018-9346 Use of Uninitialized Resource vulnerability in Google Android
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data.
local
low complexity
google CWE-908
5.5
2024-11-15 CVE-2017-13311 Unspecified vulnerability in Google Android
In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass.
local
low complexity
google
6.7
2024-11-15 CVE-2017-13313 Infinite Loop vulnerability in Google Android
In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check.
network
low complexity
google CWE-835
6.5
2024-11-15 CVE-2017-13309 Unspecified vulnerability in Google Android 8.1
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto.
local
low complexity
google
5.5
2024-11-14 CVE-2017-13227 Unspecified vulnerability in Google Android 8.0/8.1
In the autofill service, the package name that is provided by the app process is trusted inappropriately.
local
low complexity
google
5.5
2024-11-13 CVE-2024-43082 Unspecified vulnerability in Google Android 12.0/12.1
In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy.
local
low complexity
google
5.5
2024-11-13 CVE-2024-43083 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion.
local
low complexity
google CWE-770
5.5
2024-11-13 CVE-2024-43084 Unspecified vulnerability in Google Android
In visitUris of multiple files, there is a possible information disclosure due to a confused deputy.
local
low complexity
google
5.5