Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2017-12-06 CVE-2017-0876 Improper Input Validation vulnerability in Google Android 6.0
A remote code execution vulnerability in the Android media framework (libavc).
network
low complexity
google CWE-20
8.8
2017-12-06 CVE-2017-0872 Improper Input Validation vulnerability in Google Android
A remote code execution vulnerability in the Android media framework (libskia).
network
low complexity
google CWE-20
8.8
2017-12-06 CVE-2017-0871 Unspecified vulnerability in Google Android 8.0
An elevation of privilege vulnerability in the Android framework (framework base).
local
low complexity
google
7.8
2017-12-06 CVE-2017-0870 Unspecified vulnerability in Google Android
An elevation of privilege vulnerability in the Android framework (libminikin).
local
low complexity
google
7.8
2017-12-06 CVE-2017-0837 Unspecified vulnerability in Google Android
An elevation of privilege vulnerability in the Android media framework (libaudiopolicymanager).
local
low complexity
google
7.8
2017-12-05 CVE-2017-9716 Unspecified vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qbt1000 driver implements an alternative channel for usermode applications to talk to QSEE applications.
local
low complexity
google
7.8
2017-12-05 CVE-2017-14904 Use After Free vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a crafted binder request can cause an arbitrary unmap in MediaServer.
local
low complexity
google CWE-416
7.8
2017-12-05 CVE-2017-14902 Use After Free vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can potentially occur.
local
high complexity
google CWE-416
7.0
2017-12-05 CVE-2017-14897 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while handling the QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND, a userspace buffer is directly accessed in kernel space.
local
low complexity
google CWE-119
7.8
2017-12-05 CVE-2017-14895 Operation on a Resource after Expiration or Release vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, after a subsystem reset, iwpriv is not giving correct information.
local
low complexity
google CWE-672
7.8