CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-14902 416 2017-12-05 2017-12-15
6.9
None Local Medium Not required Complete Complete Complete
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can potentially occur.
2 CVE-2017-11053 119 Overflow 2017-10-10 2017-10-19
6.8
None Remote Medium Not required Partial Partial Partial
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame().
3 CVE-2017-11000 264 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write.
4 CVE-2017-10999 264 Mem. Corr. 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing locks.
5 CVE-2017-10998 264 Overflow 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operation could overflow and produce a result far below the valid region.
6 CVE-2017-10997 264 Mem. Corr. 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory.
7 CVE-2017-9720 264 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur.
8 CVE-2017-9677 264 Overflow 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, while it is not protected with locks. If one thread is running, while another thread is setting data, race conditions will happen. If "ddp->params_length" is set to a big number, a buffer overflow will occur.
9 CVE-2017-8277 264 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was not removed from list. Use-after-free would occur when traversing the list next time.
10 CVE-2017-8273 119 Overflow 2017-08-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android release from CAF using the Linux kernel, while processing fastboot boot command when verified boot feature is disabled, with length greater than boot image buffer, a buffer overflow can occur.
11 CVE-2017-8272 787 2017-08-18 2017-08-22
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write.
12 CVE-2017-8271 787 2017-08-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Out of bound memory write can happen in the MDSS Rotator driver in all Qualcomm products with Android releases from CAF using the Linux kernel by an unsanitized userspace-controlled parameter.
13 CVE-2017-8264 264 DoS 2017-08-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
A userspace process can cause a Denial of Service in the camera driver in all Qualcomm products with Android releases from CAF using the Linux kernel.
14 CVE-2017-8261 264 2017-08-18 2017-08-23
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a camera driver ioctl, a kernel overwrite can potentially occur.
15 CVE-2017-8260 787 2017-08-18 2017-08-23
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later.
16 CVE-2017-8259 119 Overflow 2017-08-11 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the size of the buffer.
17 CVE-2017-8257 264 2017-08-18 2017-08-23
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing the sde_rotator debug interface for register reading with multiple processes, one process can free the debug buffer while another process still has the debug buffer in use.
18 CVE-2017-8256 264 2017-08-18 2017-08-23
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, array out of bounds access can occur if userspace sends more than 16 multicast addresses.
19 CVE-2017-8251 264 Overflow 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, in functions msm_isp_check_stream_cfg_cmd & msm_isp_stats_update_cgc_override, 'stream_cfg_cmd->num_streams' is not checked, and could overflow the array stream_cfg_cmd->stream_handle.
20 CVE-2017-8250 264 Overflow 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. An integer overflow to buffer overflow (with a smaller buffer allocated) may occur when they are too large or negative.
21 CVE-2017-8247 264 2017-09-21 2017-09-26
6.8
None Remote Medium Not required Partial Partial Partial
In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. This would lead to get_pid being called more than once, however put_pid being called only once in function "msm_close".
22 CVE-2017-5122 119 Overflow 2017-10-27 2017-12-08
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page.
23 CVE-2017-5121 20 Exec Code 2017-10-27 2017-12-08
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.
24 CVE-2017-5116 704 Exec Code 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
25 CVE-2017-5115 704 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
26 CVE-2017-5114 119 Overflow Mem. Corr. 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
27 CVE-2017-5113 119 Overflow 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
28 CVE-2017-5112 119 Exec Code Overflow 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
29 CVE-2017-5111 416 Mem. Corr. 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
30 CVE-2017-5108 704 2017-10-27 2017-11-17
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.
31 CVE-2017-5100 416 2017-10-27 2017-11-15
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
32 CVE-2017-5099 20 +Priv 2017-10-27 2017-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page.
33 CVE-2017-5098 416 2017-10-27 2017-11-15
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
34 CVE-2017-5097 20 2017-10-27 2017-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
35 CVE-2017-5095 119 Overflow 2017-10-27 2017-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.
36 CVE-2017-5092 20 2017-10-27 2017-11-16
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
37 CVE-2017-5091 416 2017-10-27 2017-11-15
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
38 CVE-2017-5088 125 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
39 CVE-2017-5087 416 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape.
40 CVE-2017-5080 416 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
41 CVE-2017-5078 77 2017-10-27 2017-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters such as * have an incorrect interaction with xdg-email in xdg-utils, and a space character can be used in front of a command-line argument.
42 CVE-2017-5077 125 2017-10-27 2017-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
43 CVE-2017-5073 416 2017-10-27 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
44 CVE-2017-5071 125 2017-10-27 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
45 CVE-2017-5070 704 Exec Code 2017-10-27 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
46 CVE-2017-5064 119 Overflow 2017-10-27 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
47 CVE-2017-5063 125 Overflow 2017-10-27 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
48 CVE-2017-5062 416 2017-10-27 2017-11-17
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.
49 CVE-2017-5059 704 Exec Code 2017-10-27 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.
50 CVE-2017-5058 416 2017-10-27 2017-11-13
6.8
None Remote Medium Not required Partial Partial Partial
A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Total number of vulnerabilities : 408   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.