Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2018-9340 | Out-of-bounds Read vulnerability in Google Android In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure. | 5.5 |
| 2024-11-19 | CVE-2018-9345 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2018-9346 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-15 | CVE-2017-13311 | Unspecified vulnerability in Google Android In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. | 6.7 |
| 2024-11-15 | CVE-2017-13313 | Infinite Loop vulnerability in Google Android In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. | 6.5 |
| 2024-11-15 | CVE-2017-13309 | Unspecified vulnerability in Google Android 8.1 In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. | 5.5 |
| 2024-11-14 | CVE-2017-13227 | Unspecified vulnerability in Google Android 8.0/8.1 In the autofill service, the package name that is provided by the app process is trusted inappropriately. | 5.5 |
| 2024-11-13 | CVE-2024-43082 | Unspecified vulnerability in Google Android 12.0/12.1 In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. | 5.5 |
| 2024-11-13 | CVE-2024-43083 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. | 5.5 |
| 2024-11-13 | CVE-2024-43084 | Unspecified vulnerability in Google Android In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. | 5.5 |