Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-04 | CVE-2017-0807 | Unspecified vulnerability in Google Android An elevation of privilege vulnerability in the Android framework (ui framework). | 9.8 |
| 2017-08-18 | CVE-2017-7364 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in function __mdss_fb_copy_destscaler_data(), variable ds_data[i].scale may still point to a user-provided address (which could point to arbitrary kernel address), so on an error condition, this user-provided address will be freed (arbitrary free), and continued operation could result in use after free condition. | 9.8 |
| 2017-08-18 | CVE-2016-5872 | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated. | 9.8 |
| 2017-08-18 | CVE-2016-5871 | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file. | 9.8 |
| 2017-08-18 | CVE-2016-10392 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory. | 9.8 |
| 2017-08-18 | CVE-2016-10391 | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity. | 9.8 |
| 2017-08-18 | CVE-2016-10390 | Resource Management Errors vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed. | 9.8 |
| 2017-08-18 | CVE-2016-10388 | Configuration vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application. | 9.8 |
| 2017-08-18 | CVE-2016-10387 | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario. | 9.8 |
| 2017-08-18 | CVE-2016-10386 | Improper Validation of Array Index vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP. | 9.8 |