Vulnerabilities > Google
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-08 | CVE-2016-8420 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-08 | CVE-2016-8419 | Permissions, Privileges, and Access Controls vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-02-08 | CVE-2016-8418 | Improper Access Control vulnerability in Google Android A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. | 9.8 |
| 2017-02-08 | CVE-2016-8414 | Information Exposure vulnerability in multiple products An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. | 4.7 |
| 2017-02-07 | CVE-2016-10044 | Permissions, Privileges, and Access Controls vulnerability in multiple products The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call. | 7.8 |
| 2017-02-07 | CVE-2014-9914 | Use After Free vulnerability in multiple products Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. | 7.8 |
| 2017-01-27 | CVE-2016-8411 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow vulnerability while processing QMI QOS TLVs. | 9.8 |
| 2017-01-19 | CVE-2016-9650 | Data Processing Errors vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled iframes, which allowed a remote attacker to bypass a no-referrer policy via a crafted HTML page. | 4.3 |
| 2017-01-19 | CVE-2016-5226 | Cross-site Scripting vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac executed javascript: URLs entered in the URL bar in the context of the current tab, which allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar. | 6.1 |
| 2017-01-19 | CVE-2016-5225 | Data Processing Errors vulnerability in Google Chrome Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page. | 4.3 |