Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2017-05-12 CVE-2017-8244 Race Condition vulnerability in Google Android
In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks.
local
google CWE-362
6.9
2017-05-12 CVE-2017-0635 NULL Pointer Dereference vulnerability in Google Android
A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot.
network
google CWE-476
7.1
2017-05-12 CVE-2017-0625 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels.
network
google CWE-200
4.3
2017-05-12 CVE-2017-0620 Improper Input Validation vulnerability in multiple products
An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux google CWE-20
7.6
2017-05-12 CVE-2017-0619 Privilege Escalation vulnerability in Google Android Qualcomm Pin Controller Driver
An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
linux google
7.6
2017-05-12 CVE-2017-0618 Privilege Escalation vulnerability in Google Android Mediatek Command Queue Driver
An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
google
7.6
2017-05-12 CVE-2017-0617 Privilege Escalation vulnerability in Google Android Mediatek Video Driver
An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
google
7.6
2017-05-12 CVE-2017-0616 Privilege Escalation vulnerability in Google Android Mediatek Driver
An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
google
7.6
2017-05-12 CVE-2017-0615 Privilege Escalation vulnerability in Google Android Mediatek Power Driver
An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
high complexity
google
7.6
2017-05-12 CVE-2017-0604 Always-Incorrect Control Flow Implementation vulnerability in Google Android
An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
network
google CWE-670
critical
9.3