Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-08 | CVE-2017-0752 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android A elevation of privilege vulnerability in the Android framework (windowmanager). | 9.3 |
| 2017-08-24 | CVE-2017-0805 | Improper Validation of Array Index vulnerability in Google Android A elevation of privilege vulnerability in the Android media framework (libstagefright). | 9.3 |
| 2017-08-18 | CVE-2017-9685 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition. | 9.3 |
| 2017-08-18 | CVE-2017-9678 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can potentially occur due to lack of bounds checking in a memcpy(). | 9.3 |
| 2017-08-18 | CVE-2017-7364 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition. | 10.0 |
| 2017-08-18 | CVE-2017-8268 | Out-of-bounds Read vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read. | 9.3 |
| 2017-08-18 | CVE-2017-8263 | Unspecified vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a kernel fault can occur when doing certain operations on a read-only virtual address in userspace. | 9.3 |
| 2017-08-18 | CVE-2017-8255 | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot. | 9.3 |
| 2017-08-18 | CVE-2017-8253 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace. | 9.3 |
| 2017-08-18 | CVE-2016-5872 | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated. | 10.0 |