Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2017-13292 Out-of-bounds Write vulnerability in Google Android
In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of bounds write due to an incorrect bounds check.
network
low complexity
google CWE-787
critical
 10.0
10
2018-04-04 CVE-2017-13291 NULL Pointer Dereference vulnerability in Google Android
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible NULL pointer dereference due to missing bounds checks.
network
low complexity
google CWE-476
7.8
7.8
2018-04-04 CVE-2017-13290 Out-of-bounds Read vulnerability in Google Android
In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
2.1
2.1
2018-04-04 CVE-2017-13289 Incorrect Calculation of Buffer Size vulnerability in Google Android
In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch.
local
low complexity
google CWE-131
7.2
7.2
2018-04-04 CVE-2017-13288 Incorrect Calculation vulnerability in Google Android 8.0/8.1
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch.
local
low complexity
google CWE-682
7.2
7.2
2018-04-04 CVE-2017-13287 Improper Input Validation vulnerability in Google Android
In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation.
local
low complexity
google CWE-20
7.2
7.2
2018-04-04 CVE-2017-13286 Deserialization of Untrusted Data vulnerability in Google Android 8.0/8.1
In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due to mismatched serialization.
local
low complexity
google CWE-502
7.2
7.2
2018-04-04 CVE-2017-13285 Out-of-bounds Write vulnerability in Google Android
In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer.
network
low complexity
google CWE-787
critical
 10.0
10
2018-04-04 CVE-2017-13284 Improper Input Validation vulnerability in Google Android
In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation.
network
low complexity
google CWE-20
critical
 10.0
10
2018-04-04 CVE-2017-13283 Out-of-bounds Write vulnerability in Google Android
In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check.
network
low complexity
google CWE-787
critical
 10.0
10