Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2017-8254 Information Exposure vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an audio client pointer is dereferenced before being checked if it is valid.
local
low complexity
google CWE-200
5.5
2017-08-18 CVE-2017-8253 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.
local
low complexity
google CWE-770
7.8
2017-08-18 CVE-2016-5872 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.
network
low complexity
google CWE-20
critical
9.8
2017-08-18 CVE-2016-5871 Integer Overflow or Wraparound vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.
network
low complexity
google CWE-190
critical
9.8
2017-08-18 CVE-2016-10392 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2016-10391 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
network
low complexity
google CWE-20
critical
9.8
2017-08-18 CVE-2016-10390 Resource Management Errors vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.
network
low complexity
google CWE-399
critical
9.8
2017-08-18 CVE-2016-10389 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.
local
low complexity
google CWE-119
7.8
2017-08-18 CVE-2016-10388 Configuration vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.
network
low complexity
google CWE-16
critical
9.8
2017-08-18 CVE-2016-10387 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario.
network
low complexity
google CWE-20
critical
9.8