Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-6646 | 1 Google | 1 Android | 2016-12-07 | 7.8 HIGH | 6.2 MEDIUM |
| The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manager, aka internal bug 22300191, a different vulnerability than CVE-2015-7613. | |||||
| CVE-2015-6647 | 1 Google | 1 Android | 2016-12-07 | 9.3 HIGH | 7.8 HIGH |
| The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554. | |||||
| CVE-2015-3868 | 1 Google | 1 Android | 2016-12-07 | 10.0 HIGH | N/A |
| libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23270724. | |||||
| CVE-2015-0798 | 3 Google, Mozilla, Oracle | 3 Android, Firefox, Solaris | 2016-12-07 | 5.0 MEDIUM | N/A |
| The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy. | |||||
| CVE-2016-6695 | 1 Google | 1 Android | 2016-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR 1033540. | |||||
| CVE-2016-6696 | 1 Google | 1 Android | 2016-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130. | |||||
| CVE-2016-6677 | 1 Google | 1 Android | 2016-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30259955. | |||||
| CVE-2016-6679 | 1 Google | 1 Android | 2016-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a setwpaie ioctl call, aka Android internal bug 29915601 and Qualcomm internal bug CR 1000913. | |||||
| CVE-2016-6682 | 1 Google | 1 Android | 2016-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 30152501 and Qualcomm internal bug CR 1049615. | |||||
| CVE-2016-6702 | 1 Google | 1 Android | 2016-12-06 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses libjpeg. Android ID: A-30259087. | |||||
| CVE-2016-6703 | 1 Google | 1 Android | 2016-12-06 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246. | |||||
| CVE-2016-6708 | 1 Google | 1 Android | 2016-12-06 | 2.1 LOW | 5.5 MEDIUM |
| An elevation of privilege in the System UI in Android 7.0 before 2016-11-01 could enable a local malicious user to bypass the security prompt of your work profile in Multi-Window mode. This issue is rated as High because it is a local bypass of user interaction requirements for any developer or security setting modifications. Android ID: A-30693465. | |||||
| CVE-2016-6716 | 1 Google | 1 Android | 2016-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| An elevation of privilege vulnerability in the AOSP Launcher in Android 7.0 before 2016-11-01 could allow a local malicious application to create shortcuts that have elevated privileges without the user's consent. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission). Android ID: A-30778130. | |||||
| CVE-2016-6676 | 1 Google | 1 Android | 2016-12-06 | 9.3 HIGH | 7.8 HIGH |
| Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a GET_CFG ioctl call, aka Android internal bug 30874066 and Qualcomm internal bug CR 1000853. | |||||
| CVE-2016-6680 | 1 Google | 1 Android | 2016-12-06 | 6.8 MEDIUM | 7.8 HIGH |
| CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an iw_set_priv ioctl call, aka Android internal bug 29982678 and Qualcomm internal bug CR 1048052. | |||||
| CVE-2016-6683 | 1 Google | 1 Android | 2016-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283. | |||||
| CVE-2016-6687 | 1 Google | 1 Android | 2016-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222. | |||||
| CVE-2016-6692 | 1 Google | 1 Android | 2016-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933. | |||||
| CVE-2016-6694 | 1 Google | 1 Android | 2016-12-06 | 7.5 HIGH | 9.8 CRITICAL |
| sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033525. | |||||
| CVE-2016-6684 | 1 Google | 8 Android, Android One, Nexus 5 and 5 more | 2016-12-06 | 4.3 MEDIUM | 5.5 MEDIUM |
| The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243. | |||||