Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2014-9976 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
network
low complexity
google CWE-119
critical
 9.8
9.8
2017-08-18 CVE-2014-9975 Inadequate Encryption Strength vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.
network
low complexity
google CWE-326
critical
 9.8
9.8
2017-08-18 CVE-2014-9974 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster.
network
low complexity
google CWE-119
critical
 9.8
9.8
2017-08-18 CVE-2014-9973 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine.
network
low complexity
google CWE-119
critical
 9.8
9.8
2017-08-18 CVE-2014-9972 NULL Pointer Dereference vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition.
network
low complexity
google CWE-476
critical
 9.8
9.8
2017-08-18 CVE-2014-9971 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.
network
low complexity
google CWE-20
critical
 9.8
9.8
2017-08-18 CVE-2014-9969 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm.
network
low complexity
google CWE-327
critical
 9.8
9.8
2017-08-18 CVE-2014-9968 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.
network
low complexity
google CWE-119
critical
 9.8
9.8
2017-08-18 CVE-2014-9411 Range Error vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.
network
low complexity
google CWE-118
critical
 9.8
9.8
2017-05-23 CVE-2016-5178 Improper Input Validation vulnerability in multiple products
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
network
low complexity
google opensuse debian redhat fedoraproject CWE-20
critical
 9.8
9.8