VYPR

Android

by Google

CVEs (4,715)

  • CVE-2016-2471HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27773913.

  • CVE-2016-2470HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27662174.

  • CVE-2016-2469HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992.

  • CVE-2016-2468HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454.

  • CVE-2016-2467HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010.

  • CVE-2016-2466HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307.

  • CVE-2016-2465HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865.

  • CVE-2016-2464HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.02

    libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file, aka internal bug 23167726.

  • CVE-2016-4477HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or…

  • CVE-2016-2452HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by…

  • CVE-2016-2451HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as…

  • CVE-2016-2450HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as…

  • CVE-2016-2449HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    services/camera/libcameraservice/device3/Camera3Device.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate template IDs, which allows attackers to gain privileges via a crafted application, as…

  • CVE-2016-2448HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to gain privileges via a crafted…

  • CVE-2016-2440HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 mishandles object references, which allows attackers to gain privileges via a crafted application, aka internal bug 27252896.

  • CVE-2016-2437HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.01

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.

  • CVE-2016-2436HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.

  • CVE-2016-2435HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.01

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.

  • CVE-2016-2434HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.01

    The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.

  • CVE-2016-2432HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.

Page 110 of 236