Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-18 | CVE-2015-1239 | Double Free vulnerability in multiple products Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. | 6.5 |
| 2017-10-10 | CVE-2017-11063 | NULL Pointer Dereference vulnerability in Google Android 8.0 In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur. | 5.9 |
| 2017-10-06 | CVE-2015-1206 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file. | 5.5 |
| 2017-10-04 | CVE-2017-0816 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libeffects). | 5.5 |
| 2017-10-04 | CVE-2017-0815 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the Android media framework (libeffects). | 5.5 |
| 2017-09-28 | CVE-2015-1526 | Integer Overflow or Wraparound vulnerability in Google Android The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. | 5.5 |
| 2017-09-21 | CVE-2017-9676 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, potential use after free scenarios and race conditions can occur when accessing global static variables without using a lock. | 4.7 |
| 2017-09-21 | CVE-2017-8281 | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI. | 4.7 |
| 2017-09-21 | CVE-2017-11040 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to. | 5.5 |
| 2017-09-21 | CVE-2017-11002 | Out-of-bounds Read vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur. | 5.5 |