Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2017-13289 | Incorrect Calculation of Buffer Size vulnerability in Google Android In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch. | 7.8 |
| 2018-04-04 | CVE-2017-13288 | Incorrect Calculation vulnerability in Google Android 8.0/8.1 In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. | 7.8 |
| 2018-04-04 | CVE-2017-13287 | Improper Input Validation vulnerability in Google Android In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation. | 7.8 |
| 2018-04-04 | CVE-2017-13286 | Deserialization of Untrusted Data vulnerability in Google Android 8.0/8.1 In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due to mismatched serialization. | 7.8 |
| 2018-04-04 | CVE-2017-13280 | Out-of-bounds Read vulnerability in Google Android In the FrameSequence_gif::FrameSequence_gif function of libframesequence, there is a out of bounds read due to a missing bounds check. | 7.5 |
| 2018-04-04 | CVE-2017-13278 | Use After Free vulnerability in Google Android In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there is a possible use after free. | 7.8 |
| 2018-04-04 | CVE-2017-13277 | Out-of-bounds Write vulnerability in Google Android In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2018-04-04 | CVE-2017-13276 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible stack buffer overflow due to a missing bounds check. | 7.8 |
| 2018-04-03 | CVE-2018-5828 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in function wma_extscan_start_stop_event_handler(), vdev_id comes from the variable event from firmware and is not properly validated potentially leading to a buffer overwrite. | 7.8 |
| 2018-04-03 | CVE-2018-5825 | Use After Free vulnerability in Google Android In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the kernel IPA driver, a Use After Free condition can occur. | 7.8 |