Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-27 | CVE-2018-5908 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in display function due to lack of buffer length validation before copying. | 7.8 |
| 2018-11-27 | CVE-2018-5906 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in debugfs module due to lack of check in size of input before copying into buffer. | 7.8 |
| 2018-11-27 | CVE-2018-5904 | Use After Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while list traversal in LPM status driver for clean up, use after free vulnerability may occur. | 7.8 |
| 2018-11-27 | CVE-2018-5861 | Incorrect Type Conversion or Cast vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader. | 7.8 |
| 2018-11-27 | CVE-2018-5856 | Use After Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, due to a race condition, a Use After Free condition can occur in Audio. | 7.8 |
| 2018-11-27 | CVE-2018-11995 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image. | 7.8 |
| 2018-11-27 | CVE-2018-11956 | Unspecified vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue. | 7.8 |
| 2018-11-27 | CVE-2018-11943 | Improper Initialization vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing fastboot flash command, memory leak or unexpected behavior may occur due to processing of unintialized data buffers. | 7.8 |
| 2018-11-27 | CVE-2018-11919 | Out-of-bounds Write vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a potential heap overflow and memory corruption due to improper error handling in SOC infrastructure. | 7.8 |
| 2018-11-27 | CVE-2018-11918 | Double Free vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated is automatically released by the kernel if the 'probe' function fails with an error code. | 7.8 |