Vulnerabilities > Google > Low

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2017-6425 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm video driver.
local
low complexity
google CWE-200
3.3
3.3
2018-04-04 CVE-2017-6426 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm SPMI driver.
local
low complexity
google CWE-200
3.3
3.3
2017-10-27 CVE-2017-5081 Improper Input Validation vulnerability in multiple products
Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.
local
low complexity
google debian redhat CWE-20
3.3
3.3
2017-10-27 CVE-2017-5084 Improper Privilege Management vulnerability in Google Chrome OS
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
local
low complexity
google CWE-269
3.3
3.3
2017-07-06 CVE-2017-0709 Information Exposure vulnerability in Google Android 7.1.2
A information disclosure vulnerability in the HTC sensor hub driver.
local
low complexity
google CWE-200
3.3
3.3
2017-06-13 CVE-2015-9031 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP.
local
low complexity
google CWE-200
3.3
3.3
2017-06-13 CVE-2015-9032 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications.
local
low complexity
google CWE-200
3.3
3.3
2017-04-24 CVE-2017-3544 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian google
3.7
3.7
2017-01-12 CVE-2016-6770 Improper Access Control vulnerability in Google Android
An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level.
local
low complexity
google CWE-284
3.3
3.3
2016-09-11 CVE-2016-3888 Permissions, Privileges, and Access Controls vulnerability in Google Android
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Setup Wizard provisioning stage, via unspecified vectors, aka internal bug 29420123.
low complexity
google CWE-264
2.1
2.1