Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-02 | CVE-2018-9476 | Use After Free vulnerability in Google Android 8.0/8.1 In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. | 9.8 |
| 2018-08-28 | CVE-2017-15398 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. | 9.8 |
| 2018-07-09 | CVE-2018-5002 | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. | 10.0 |
| 2018-07-06 | CVE-2018-5855 | Out-of-bounds Read vulnerability in Google Android While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur. | 10.0 |
| 2018-07-06 | CVE-2018-3586 | Integer Overflow or Wraparound vulnerability in Google Android An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 10.0 |
| 2018-06-06 | CVE-2018-5850 | Integer Underflow (Wrap or Wraparound) vulnerability in Google Android In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 9.3 |
| 2018-06-06 | CVE-2018-5846 | Use After Free vulnerability in Google Android A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 9.3 |
| 2018-06-06 | CVE-2018-5841 | Insecure Default Initialization of Resource vulnerability in Google Android dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 9.3 |
| 2018-06-06 | CVE-2018-5840 | Classic Buffer Overflow vulnerability in Google Android Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 9.3 |
| 2018-06-06 | CVE-2018-3580 | Out-of-bounds Write vulnerability in Google Android Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 9.3 |