Vulnerabilities (CVE)

Filtered by CWE-125
Total 8737 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-9430 1 Google 1 Android 2026-06-17 N/A 9.8 CRITICAL
In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9429 1 Google 1 Android 2026-06-17 N/A 6.5 MEDIUM
In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9423 1 Google 1 Android 2026-06-17 N/A 6.5 MEDIUM
In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c there is a possible out of bound read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9419 1 Google 1 Android 2026-06-17 N/A 7.5 HIGH
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9410 1 Google 1 Android 2026-06-17 N/A 5.5 MEDIUM
In analyzeAxes of FontUtils.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9408 1 Google 1 Android 2026-06-17 N/A 4.4 MEDIUM
In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Out Of Bounds Read due to a missing bounds check. This could lead to a local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9407 1 Google 1 Android 2026-06-17 N/A 5.5 MEDIUM
In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data.
CVE-2018-9390 1 Google 1 Android 2026-06-17 N/A 6.7 MEDIUM
In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9383 1 Google 1 Android 2026-06-17 N/A 4.4 MEDIUM
In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9371 1 Google 1 Android 2026-06-17 N/A 6.4 MEDIUM
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9365 1 Google 1 Android 2026-06-17 N/A 8.8 HIGH
In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9361 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74202041.
CVE-2018-9360 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74201143.
CVE-2018-9359 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74196706.
CVE-2018-9358 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-73172115.
CVE-2018-9353 1 Google 1 Android 2026-06-17 N/A 6.5 MEDIUM
In ihevcd_parse_slice_data of ihevcd_parse_slice.c there is a possible heap buffer out of bound read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9351 1 Google 1 Android 2026-06-17 N/A 6.5 MEDIUM
In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possible out of bound read due to missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9350 1 Google 1 Android 2026-06-17 N/A 6.5 MEDIUM
In ih264d_assign_pic_num of ih264d_utils.c there is a possible out of bound read due to missing bounds check. This could lead to a denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9349 1 Google 1 Android 2026-06-17 N/A 6.5 MEDIUM
In mv_err_cost of mcomp.c there is a possible out of bounds read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2018-9340 1 Google 1 Android 2026-06-17 N/A 5.5 MEDIUM
In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.