Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-12 | CVE-2017-13184 | Use After Free vulnerability in Google Android 8.0/8.1 In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. | 7.8 |
| 2018-01-12 | CVE-2017-13183 | Race Condition vulnerability in Google Android 8.1 In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread. | 7.0 |
| 2018-01-12 | CVE-2017-13182 | Integer Overflow or Wraparound vulnerability in Google Android 8.0/8.1 In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. | 7.8 |
| 2018-01-12 | CVE-2017-13181 | Double Free vulnerability in Google Android In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. | 7.8 |
| 2018-01-12 | CVE-2017-13180 | Use After Free vulnerability in Google Android In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the memory it's accessing. | 7.8 |
| 2018-01-12 | CVE-2017-13176 | Improper Input Validation vulnerability in Google Android In the parseURL function of URLStreamHandler, there is improper input validation of the host field. | 8.8 |
| 2018-01-12 | CVE-2017-0855 | Missing Release of Resource after Effective Lifetime vulnerability in Google Android In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. | 7.5 |
| 2018-01-12 | CVE-2017-0846 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android framework (clipboardservice). | 7.5 |
| 2018-01-12 | CVE-2014-7952 | Injection vulnerability in Google Android The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams. | 7.8 |
| 2018-01-12 | CVE-2017-0869 | Use After Free vulnerability in Google Android NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. | 7.8 |