Vulnerabilities > Google > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-18 | CVE-2017-15844 | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the function for writing device values into flash, uninitialized memory can be written to flash. | 2.1 |
| 2018-09-18 | CVE-2018-11293 | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in wma_ndp_confirm_event_handler and wma_ndp_indication_event_handler, ndp_cfg len and num_ndp_app_info is from fw. | 3.3 |
| 2018-07-06 | CVE-2018-5864 | Out-of-bounds Read vulnerability in Google Android While processing a WMI_APFIND event in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read and information leak can potentially occur. | 2.1 |
| 2018-07-06 | CVE-2018-5865 | Integer Underflow (Wrap or Wraparound) vulnerability in Google Android While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur. | 2.1 |
| 2018-07-06 | CVE-2017-14872 | Out-of-bounds Read vulnerability in Google Android While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | 2.1 |
| 2018-07-06 | CVE-2017-14893 | Out-of-bounds Read vulnerability in Google Android While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | 2.1 |
| 2018-07-06 | CVE-2017-15824 | Missing Release of Resource after Effective Lifetime vulnerability in Google Android In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory. | 2.1 |
| 2018-07-06 | CVE-2018-5836 | Out-of-bounds Read vulnerability in Google Android In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access. | 2.1 |
| 2018-07-06 | CVE-2018-5895 | Out-of-bounds Read vulnerability in Google Android Buffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. | 2.1 |
| 2018-06-15 | CVE-2018-12440 | Information Exposure vulnerability in Google Boringssl BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. | 1.9 |