Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2018-9348 | Integer Overflow or Wraparound vulnerability in Google Android In SMF_ParseMetaEvent of eas_smf.c, there is a possible integer overflow. | 6.5 |
| 2024-11-19 | CVE-2018-9371 | Out-of-bounds Write vulnerability in Google Android In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. | 6.4 |
| 2024-11-19 | CVE-2018-9340 | Out-of-bounds Read vulnerability in Google Android In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure. | 5.5 |
| 2024-11-19 | CVE-2018-9345 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2018-9346 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-15 | CVE-2017-13311 | Unspecified vulnerability in Google Android In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. | 6.7 |
| 2024-11-15 | CVE-2017-13313 | Infinite Loop vulnerability in Google Android In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. | 6.5 |
| 2024-11-15 | CVE-2017-13309 | Unspecified vulnerability in Google Android 8.1 In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. | 5.5 |
| 2024-11-14 | CVE-2017-13227 | Unspecified vulnerability in Google Android 8.0/8.1 In the autofill service, the package name that is provided by the app process is trusted inappropriately. | 5.5 |
| 2024-11-13 | CVE-2024-43082 | Unspecified vulnerability in Google Android 12.0/12.1 In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. | 5.5 |