Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-13 | CVE-2016-10333 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS. | 5.5 |
| 2017-06-13 | CVE-2016-10332 | 7PK - Security Features vulnerability in Google Android In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications. | 5.5 |
| 2017-06-13 | CVE-2015-9024 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications. | 5.5 |
| 2017-06-13 | CVE-2015-9021 | Improper Access Control vulnerability in Google Android In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled. | 5.5 |
| 2017-06-06 | CVE-2015-3830 | Improper Input Validation vulnerability in Google Android The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names. | 6.5 |
| 2017-06-06 | CVE-2015-1207 | Double Free vulnerability in multiple products Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file. | 6.5 |
| 2017-06-06 | CVE-2014-9951 | Information Exposure vulnerability in Google Android In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure Through Timing Discrepancy vulnerability could potentially exist. | 5.5 |
| 2017-06-06 | CVE-2014-9947 | Information Exposure vulnerability in Google Android In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist. | 5.5 |
| 2017-05-18 | CVE-2017-9045 | Missing Encryption of Sensitive Data vulnerability in Google I/O 2017 5.0.3 The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof Feed and Schedule data by creating a modified blocks_v4.json file. | 5.9 |
| 2017-05-16 | CVE-2015-9001 | Information Exposure vulnerability in Google Android In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | 5.5 |