Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-10 | CVE-2016-3931 | Permissions, Privileges, and Access Controls vulnerability in Google Android drivers/misc/qseecom.c in the Qualcomm QSEE Communicator driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29157595 and Qualcomm internal bug CR 1036418. | 7.8 |
| 2016-10-10 | CVE-2016-3930 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA MMC test driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28760138. | 7.8 |
| 2016-10-10 | CVE-2016-3928 | Permissions, Privileges, and Access Controls vulnerability in Google Android The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384. | 7.8 |
| 2016-10-10 | CVE-2016-3922 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1/7.0 libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619. | 7.8 |
| 2016-10-10 | CVE-2016-3921 | Permissions, Privileges, and Access Controls vulnerability in Google Android libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 29831647. | 7.8 |
| 2016-10-10 | CVE-2016-3917 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0.1/7.0 The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveraging lockscreen access, aka internal bug 30744668. | 7.8 |
| 2016-10-10 | CVE-2016-3915 | Permissions, Privileges, and Access Controls vulnerability in Google Android camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30591838. | 7.8 |
| 2016-10-10 | CVE-2016-3913 | Permissions, Privileges, and Access Controls vulnerability in Google Android media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows attackers to gain privileges via a crafted application, aka internal bug 30204103. | 7.8 |
| 2016-10-10 | CVE-2016-3912 | Permissions, Privileges, and Access Controls vulnerability in Google Android The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allow attackers to gain privileges via a crafted application, aka internal bug 30202481. | 7.8 |
| 2016-10-10 | CVE-2016-3911 | Permissions, Privileges, and Access Controls vulnerability in Google Android core/java/android/os/Process.java in Zygote in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30143607. | 7.8 |