Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2024-11-19 CVE-2018-9368 Out-of-bounds Write vulnerability in Google Android
In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies.
local
low complexity
google CWE-787
7.8
2024-11-19 CVE-2018-9369 Unspecified vulnerability in Google Android
In bootloader there is fastboot command allowing user specified kernel command line arguments.
local
low complexity
google
7.3
2024-11-19 CVE-2018-9370 Out-of-bounds Write vulnerability in Google Android
In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check.
local
low complexity
google CWE-787
7.3
2024-11-19 CVE-2018-9371 Out-of-bounds Write vulnerability in Google Android
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting.
low complexity
google CWE-787
6.4
2024-11-19 CVE-2018-9339 Type Confusion vulnerability in Google Android 8.0/8.1
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion.
local
low complexity
google CWE-843
7.8
2024-11-19 CVE-2018-9340 Out-of-bounds Read vulnerability in Google Android
In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.
local
low complexity
google CWE-125
5.5
2024-11-19 CVE-2018-9341 Out-of-bounds Write vulnerability in Google Android
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check.
local
low complexity
google CWE-787
7.8
2024-11-19 CVE-2018-9344 Improper Locking vulnerability in Google Android 8.1
In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking.
local
low complexity
google CWE-667
7.8
2024-11-19 CVE-2018-9345 Use of Uninitialized Resource vulnerability in Google Android
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data.
local
low complexity
google CWE-908
5.5
2024-11-19 CVE-2018-9346 Use of Uninitialized Resource vulnerability in Google Android
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data.
local
low complexity
google CWE-908
5.5