Vulnerabilities > Google
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-16 | CVE-2014-9934 | Improper Verification of Cryptographic Signature vulnerability in Google Android A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | 7.8 |
| 2017-05-16 | CVE-2014-9933 | Improper Input Validation vulnerability in Google Android Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | 7.8 |
| 2017-05-16 | CVE-2014-9932 | Integer Overflow or Wraparound vulnerability in Google Android In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | 7.8 |
| 2017-05-16 | CVE-2014-9931 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | 7.8 |
| 2017-05-12 | CVE-2017-8246 | Use After Free vulnerability in Google Android In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. | 7.8 |
| 2017-05-12 | CVE-2017-8245 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs. | 7.8 |
| 2017-05-12 | CVE-2017-8244 | Race Condition vulnerability in Google Android In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. | 7.0 |
| 2017-05-12 | CVE-2017-0635 | NULL Pointer Dereference vulnerability in Google Android A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
| 2017-05-12 | CVE-2017-0625 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. | 5.5 |
| 2017-05-12 | CVE-2017-0620 | Incorrect Calculation of Buffer Size vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |