Vulnerabilities > Google > Android > 2.2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-27 | CVE-2015-3840 | Improper Access Control vulnerability in Google Android The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission. | 2.1 |
| 2017-05-12 | CVE-2017-0625 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. | 4.3 |
| 2017-05-12 | CVE-2017-0620 | Improper Input Validation vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
| 2017-05-12 | CVE-2017-0619 | Privilege Escalation vulnerability in Google Android Qualcomm Pin Controller Driver An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
| 2017-05-12 | CVE-2017-0618 | Privilege Escalation vulnerability in Google Android Mediatek Command Queue Driver An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
| 2017-05-12 | CVE-2017-0617 | Privilege Escalation vulnerability in Google Android Mediatek Video Driver An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
| 2017-05-12 | CVE-2017-0616 | Privilege Escalation vulnerability in Google Android Mediatek Driver An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
| 2017-05-12 | CVE-2017-0615 | Privilege Escalation vulnerability in Google Android Mediatek Power Driver An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
| 2017-05-12 | CVE-2017-0604 | Always-Incorrect Control Flow Implementation vulnerability in Google Android An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 9.3 |
| 2017-05-12 | CVE-2017-0465 | Classic Buffer Overflow vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |