Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2017-10-10 CVE-2017-11056 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while doing sha and cipher operations, a userspace buffer is directly accessed in kernel space potentially leading to a page fault.
local
low complexity
google CWE-119
4.6
2017-10-10 CVE-2017-11055 Out-of-bounds Read vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_SET_WIFI_CONFIGURATION cfg80211 vendor command, a buffer over-read can occur.
network
low complexity
google CWE-125
5.0
2017-10-10 CVE-2017-11054 Out-of-bounds Read vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.
network
low complexity
google CWE-125
5.0
2017-10-10 CVE-2017-11053 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame().
network
google CWE-119
6.8
2017-10-10 CVE-2017-11052 Out-of-bounds Read vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_NDP cfg80211 vendor command a buffer over-read can occur.
network
low complexity
google CWE-125
5.0
2017-10-10 CVE-2017-11051 Information Exposure vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, information disclosure is possible in function __wlan_hdd_cfg80211_testmode since buffer hb_params is not initialized to zero.
network
low complexity
google CWE-200
5.0
2017-10-10 CVE-2017-11050 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when the pktlogconf tool gives a pktlog buffer of size less than the minimal possible source data size in the host driver, a buffer overflow can potentially occur.
local
low complexity
google CWE-119
4.6
2017-10-10 CVE-2017-11048 Use After Free vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a display driver function, a Use After Free condition can occur.
local
low complexity
google CWE-416
4.6
2017-10-10 CVE-2017-11046 Out-of-bounds Write vulnerability in Google Android 8.0
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when an audio driver ioctl handler is called, a kernel out-of-bounds write can potentially occur.
local
low complexity
google CWE-787
4.6
2017-10-06 CVE-2015-1206 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome
Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file.
local
low complexity
google CWE-119
5.5