Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2018-9371 | Out-of-bounds Write vulnerability in Google Android In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. | 6.4 |
| 2024-11-19 | CVE-2018-9340 | Out-of-bounds Read vulnerability in Google Android In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure. | 5.5 |
| 2024-11-19 | CVE-2018-9345 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2018-9346 | Use of Uninitialized Resource vulnerability in Google Android In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2024-11-19 | CVE-2024-50302 | Use of Uninitialized Resource vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report. | 5.5 |
| 2024-11-15 | CVE-2017-13311 | Unspecified vulnerability in Google Android In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. | 6.7 |
| 2024-11-15 | CVE-2017-13313 | Infinite Loop vulnerability in Google Android In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. | 6.5 |
| 2024-11-15 | CVE-2017-13309 | Unspecified vulnerability in Google Android 8.1 In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. | 5.5 |
| 2024-11-14 | CVE-2017-13227 | Unspecified vulnerability in Google Android 8.0/8.1 In the autofill service, the package name that is provided by the app process is trusted inappropriately. | 5.5 |
| 2024-11-13 | CVE-2024-43082 | Unspecified vulnerability in Google Android 12.0/12.1 In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. | 5.5 |