Vulnerabilities > Google > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-30 | CVE-2017-9691 | Race Condition vulnerability in Google Android There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver. | 1.9 |
| 2018-03-30 | CVE-2017-9693 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability). | 2.1 |
| 2018-03-16 | CVE-2017-15814 | Information Exposure vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in msm_flash_subdev_do_ioctl of drivers/media/platform/msm/camera_v2/sensor/flash/msm_flash.c, there is a possible out of bounds read if flash_data.cfg_type is CFG_FLASH_INIT due to improper input validation. | 2.1 |
| 2018-03-12 | CVE-2017-6285 | Out-of-bounds Read vulnerability in Google Android NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. | 2.1 |
| 2018-03-12 | CVE-2017-6287 | Out-of-bounds Read vulnerability in Google Android NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. | 2.1 |
| 2018-03-12 | CVE-2017-6288 | Out-of-bounds Read vulnerability in Google Android NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. | 2.1 |
| 2018-03-06 | CVE-2017-6284 | Information Exposure vulnerability in multiple products NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate. | 2.1 |
| 2018-03-06 | CVE-2017-6295 | Out-of-bounds Read vulnerability in multiple products NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. | 3.6 |
| 2017-10-27 | CVE-2017-5081 | Improper Input Validation vulnerability in multiple products Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files. | 3.3 |
| 2017-10-27 | CVE-2017-5084 | Improper Privilege Management vulnerability in Google Chrome OS Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint. | 3.3 |