Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-07 | CVE-2017-15386 | Improper Input Validation vulnerability in multiple products Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2018-01-18 | CVE-2017-17860 | Improper Input Validation vulnerability in Google Android In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. | 5.7 |
| 2018-01-12 | CVE-2017-13218 | Information Exposure vulnerability in Google Android Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no additional execution privileges needed in FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, QCN5502, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845. | 4.7 |
| 2018-01-03 | CVE-2017-1000460 | NULL Pointer Dereference vulnerability in multiple products In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception. | 6.5 |
| 2017-12-28 | CVE-2015-7889 | Permission Issues vulnerability in Google Android The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | 5.5 |
| 2017-12-06 | CVE-2017-13148 | Improper Input Validation vulnerability in Google Android A denial of service vulnerability in the Android media framework (libmpeg2). | 6.5 |
| 2017-12-06 | CVE-2017-0880 | Unspecified vulnerability in Google Android A denial of service vulnerability in the Android media framework (libskia). | 6.5 |
| 2017-12-06 | CVE-2017-0874 | Improper Input Validation vulnerability in Google Android A denial of service vulnerability in the Android media framework (libavc). | 6.5 |
| 2017-12-06 | CVE-2017-0873 | Improper Input Validation vulnerability in Google Android A denial of service vulnerability in the Android media framework (libmpeg2). | 6.5 |
| 2017-12-05 | CVE-2017-14905 | Out-of-bounds Read vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur. | 5.3 |