Android
by Google
CVEs (4,715)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6704 | Hig | 0.51 | 7.8 | 0.01 | Nov 25, 2016 | An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged… | ||
| CVE-2016-6703 | Hig | 0.51 | 7.8 | 0.01 | Nov 25, 2016 | A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an… | ||
| CVE-2016-6702 | Hig | 0.51 | 7.8 | 0.01 | Nov 25, 2016 | A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due… | ||
| CVE-2016-6701 | Hig | 0.51 | 7.8 | 0.01 | Nov 25, 2016 | A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution… | ||
| CVE-2016-6700 | Hig | 0.51 | 7.8 | 0.01 | Nov 25, 2016 | An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to… | ||
| CVE-2016-3904 | Hig | 0.51 | 7.8 | 0.01 | Nov 25, 2016 | An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged… | ||
| CVE-2016-6680 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an iw_set_priv ioctl call, aka Android internal bug 29982678 and… | ||
| CVE-2016-6676 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a GET_CFG ioctl… | ||
| CVE-2016-6675 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a linkspeed… | ||
| CVE-2016-6674 | Hig | 0.51 | 7.8 | 0.00 | Oct 10, 2016 | system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380. | ||
| CVE-2016-6673 | Hig | 0.51 | 7.8 | 0.00 | Oct 10, 2016 | The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201. | ||
| CVE-2016-6672 | Hig | 0.51 | 7.8 | 0.00 | Oct 10, 2016 | The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088. | ||
| CVE-2016-3940 | Hig | 0.51 | 7.8 | 0.00 | Oct 10, 2016 | The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 6P and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 30141991. | ||
| CVE-2016-3939 | Hig | 0.51 | 7.8 | 0.00 | Oct 10, 2016 | drivers/video/msm/mdss/mdss_debug.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30874196 and Qualcomm internal bug CR… | ||
| CVE-2016-3938 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30019716 and Qualcomm internal bug… | ||
| CVE-2016-3937 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30030994 and MediaTek internal bug ALPS02834874. | ||
| CVE-2016-3936 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019037 and MediaTek internal bug ALPS02829568. | ||
| CVE-2016-3935 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug… | ||
| CVE-2016-3934 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2016 | drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_cci_i2c.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices relies on variable-length arrays, which allows attackers to gain privileges via a… | ||
| CVE-2016-3933 | Hig | 0.51 | 7.8 | 0.00 | Oct 10, 2016 | mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408. |
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due…
- risk 0.51cvss 7.8epss 0.01
A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged…
- risk 0.51cvss 7.8epss 0.01
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an iw_set_priv ioctl call, aka Android internal bug 29982678 and…
- risk 0.51cvss 7.8epss 0.01
Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a GET_CFG ioctl…
- risk 0.51cvss 7.8epss 0.01
Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a linkspeed…
- risk 0.51cvss 7.8epss 0.00
system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380.
- risk 0.51cvss 7.8epss 0.00
The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201.
- risk 0.51cvss 7.8epss 0.00
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088.
- risk 0.51cvss 7.8epss 0.00
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 6P and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 30141991.
- risk 0.51cvss 7.8epss 0.00
drivers/video/msm/mdss/mdss_debug.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30874196 and Qualcomm internal bug CR…
- risk 0.51cvss 7.8epss 0.01
drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30019716 and Qualcomm internal bug…
- risk 0.51cvss 7.8epss 0.01
The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30030994 and MediaTek internal bug ALPS02834874.
- risk 0.51cvss 7.8epss 0.01
The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019037 and MediaTek internal bug ALPS02829568.
- risk 0.51cvss 7.8epss 0.01
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug…
- risk 0.51cvss 7.8epss 0.01
drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_cci_i2c.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices relies on variable-length arrays, which allows attackers to gain privileges via a…
- risk 0.51cvss 7.8epss 0.00
mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408.
Page 100 of 236