Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2018-02-12 CVE-2017-13234 Missing Release of Resource after Effective Lifetime vulnerability in Google Android
In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak.
network
low complexity
google CWE-772
6.5
6.5
2018-02-12 CVE-2017-13233 Resource Exhaustion vulnerability in Google Android
In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion.
network
low complexity
google CWE-400
6.5
6.5
2018-02-12 CVE-2017-13232 Out-of-bounds Write vulnerability in Google Android
In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated.
network
low complexity
google CWE-787
7.5
7.5
2018-02-12 CVE-2017-13231 Out-of-bounds Write vulnerability in Google Android 8.0/8.1
In libmediadrm, there is an out-of-bounds write due to improper input validation.
local
low complexity
google CWE-787
7.8
7.8
2018-02-12 CVE-2017-13230 Out-of-bounds Write vulnerability in Google Android
In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value.
network
low complexity
google CWE-787
8.8
8.8
2018-02-12 CVE-2017-13229 Improper Input Validation vulnerability in Google Android
A remote code execution vulnerability in the Android media framework (n/a).
network
low complexity
google CWE-20
critical
 9.8
9.8
2018-02-12 CVE-2017-13228 Out-of-bounds Write vulnerability in Google Android
In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character.
network
low complexity
google CWE-787
8.8
8.8
2018-02-07 CVE-2017-5133 Out-of-bounds Write vulnerability in multiple products
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.
network
low complexity
google debian CWE-787
8.8
8.8
2018-02-07 CVE-2017-5132 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.
network
low complexity
google debian CWE-119
8.8
8.8
2018-02-07 CVE-2017-5131 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
network
low complexity
google debian CWE-190
8.8
8.8