Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-08 | CVE-2017-0412 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 7.0/7.1.0/7.1.1 An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 |
| 2017-02-08 | CVE-2017-0411 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 7.0/7.1.0/7.1.1 An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 |
| 2017-02-08 | CVE-2017-0410 | Integer Overflow or Wraparound vulnerability in Google Android An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 |
| 2017-02-08 | CVE-2017-0407 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 |
| 2017-02-08 | CVE-2017-0406 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 |
| 2017-02-08 | CVE-2017-0405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 7.0/7.1.0/7.1.1 A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 9.3 |
| 2017-02-08 | CVE-2016-8418 | Improper Access Control vulnerability in Google Android A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. | 10.0 |
| 2017-01-30 | CVE-2016-6604 | NULL Pointer Dereference vulnerability in Samsung Exynos Fimg2D NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. | 10.0 |
| 2017-01-27 | CVE-2016-8411 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow vulnerability while processing QMI QOS TLVs. | 10.0 |
| 2017-01-18 | CVE-2014-9909 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 9.3 |