Vulnerabilities > Google
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-16 | CVE-2014-9931 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | 7.8 |
| 2017-05-12 | CVE-2017-8246 | Use After Free vulnerability in Google Android In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. | 7.8 |
| 2017-05-12 | CVE-2017-8245 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs. | 7.8 |
| 2017-05-12 | CVE-2017-8244 | Race Condition vulnerability in Google Android In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. | 7.0 |
| 2017-05-12 | CVE-2017-0635 | NULL Pointer Dereference vulnerability in Google Android A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
| 2017-05-12 | CVE-2017-0625 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. | 5.5 |
| 2017-05-12 | CVE-2017-0620 | Incorrect Calculation of Buffer Size vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-05-12 | CVE-2017-0619 | An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-05-12 | CVE-2017-0618 | Unspecified vulnerability in Google Android An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-05-12 | CVE-2017-0617 | Unspecified vulnerability in Google Android An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |