Vulnerabilities > Google > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-12 | CVE-2017-13186 | Improper Input Validation vulnerability in Google Android A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. | 7.8 |
2018-01-12 | CVE-2017-13185 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libhevc). | 8.5 |
2018-01-12 | CVE-2017-13184 | Use After Free vulnerability in Google Android 8.0/8.1 In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. | 7.2 |
2018-01-12 | CVE-2017-13182 | Integer Overflow or Wraparound vulnerability in Google Android 8.0/8.1 In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. | 7.2 |
2018-01-12 | CVE-2017-13181 | Double Free vulnerability in Google Android In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. | 7.2 |
2018-01-12 | CVE-2017-13180 | Use After Free vulnerability in Google Android In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the memory it's accessing. | 7.2 |
2018-01-12 | CVE-2017-0855 | Missing Release of Resource after Effective Lifetime vulnerability in Google Android In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. | 7.8 |
2018-01-12 | CVE-2017-0869 | Use After Free vulnerability in Google Android NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. | 7.2 |
2018-01-10 | CVE-2017-11079 | Information Exposure vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size. | 7.5 |
2018-01-09 | CVE-2015-1290 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site. | 8.8 |