Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2017-04-07 CVE-2017-0542 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-07 CVE-2017-0541 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-07 CVE-2017-0540 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-07 CVE-2017-0539 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-07 CVE-2017-0538 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing.
local
low complexity
google CWE-119
7.8
2017-04-06 CVE-2016-5349 Information Exposure vulnerability in Google Android
The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client.
local
low complexity
google CWE-200
5.5
2017-04-04 CVE-2016-10229 Improperly Implemented Security Check for Standard vulnerability in multiple products
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.
network
low complexity
linux google CWE-358
critical
9.8
2017-04-04 CVE-2014-9922 Permissions, Privileges, and Access Controls vulnerability in multiple products
The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.
local
low complexity
linux google CWE-264
7.8
2017-03-20 CVE-2016-5857 Permissions, Privileges, and Access Controls vulnerability in Google Android 7.0
The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140.
local
low complexity
google CWE-264
7.8
2017-03-08 CVE-2017-0532 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels.
local
high complexity
google CWE-200
4.7