Vulnerabilities > Permissions, Privileges, and Access Controls

DATE CVE VULNERABILITY TITLE RISK
2016-09-11 CVE-2016-3876 Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1/7.0
providers/settings/SettingsProvider.java in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the SAFE_BOOT_DISALLOWED protection mechanism and boot to safe mode via the Android Debug Bridge (adb) tool, aka internal bug 29900345.
low complexity
google CWE-264
6.8
2016-09-11 CVE-2016-3875 Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1
server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the DISALLOW_SAFE_BOOT setting, which allows physically proximate attackers to bypass intended access restrictions and boot to safe mode via unspecified vectors, aka internal bug 26251884.
low complexity
google CWE-264
6.8
2016-09-11 CVE-2016-3874 Permissions, Privileges, and Access Controls vulnerability in Google Android
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WE_UNIT_TEST_CMD command, aka Android internal bug 29944562 and Qualcomm internal bug CR997797.
local
low complexity
google CWE-264
7.8
2016-09-11 CVE-2016-3873 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457.
local
low complexity
google CWE-264
7.8
2016-09-11 CVE-2016-3871 Permissions, Privileges, and Access Controls vulnerability in Google Android
Multiple buffer overflows in codecs/mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow attackers to gain privileges via a crafted application, aka internal bug 29422022.
local
low complexity
google CWE-264
7.8
2016-09-11 CVE-2016-3870 Permissions, Privileges, and Access Controls vulnerability in Google Android
omx/SimpleSoftOMXComponent.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not prevent input-port changes, which allows attackers to gain privileges via a crafted application, aka internal bug 29421804.
local
low complexity
google CWE-264
7.8
2016-09-11 CVE-2016-3869 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bug RB#96070.
local
low complexity
google CWE-264
7.8
2016-09-11 CVE-2016-3868 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28967028 and Qualcomm internal bug CR1032875.
local
low complexity
google CWE-264
7.8
2016-09-11 CVE-2016-3867 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897.
local
low complexity
google CWE-264
7.8
2016-09-11 CVE-2016-3866 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820.
local
low complexity
google CWE-264
7.8