Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-13 | CVE-2018-6267 | Improper Input Validation vulnerability in Google Android NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. | 7.8 |
| 2019-02-11 | CVE-2018-9592 | Out-of-bounds Read vulnerability in Google Android In mca_ccb_hdl_rsp of mca_cact.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2019-02-11 | CVE-2018-9591 | Out-of-bounds Read vulnerability in Google Android In bta_hh_ctrl_dat_act of bta_hh_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2019-02-11 | CVE-2018-9590 | Out-of-bounds Read vulnerability in Google Android In add_attr of sdp_discovery.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2019-02-11 | CVE-2018-9587 | Files or Directories Accessible to External Parties vulnerability in Google Android In savePhotoFromUriToUri of ContactPhotoUtils.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is possible unauthorized access to files within the contact app due to a confused deputy scenario. | 7.3 |
| 2019-02-11 | CVE-2018-9586 | Race Condition vulnerability in Google Android In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, it is possible that package verification is turned off and remains off due to a race condition. | 7.0 |
| 2019-02-11 | CVE-2018-9585 | Out-of-bounds Write vulnerability in Google Android In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2019-02-11 | CVE-2018-9584 | Out-of-bounds Write vulnerability in Google Android In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2019-02-11 | CVE-2018-9582 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 8.0/8.1/9.0 In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the unknown source warning due to a confused deputy scenario. | 7.8 |
| 2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78 | 8.6 |