Vulnerabilities > Google > Android > 2.2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-06 | CVE-2014-9867 | Permissions, Privileges, and Access Controls vulnerability in Google Android drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate the number of streams, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749629 and Qualcomm internal bug CR514702. | 9.3 |
| 2016-08-06 | CVE-2014-9866 | Improper Input Validation vulnerability in Google Android drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28747684 and Qualcomm internal bug CR511358. | 9.3 |
| 2016-08-06 | CVE-2014-9865 | Improper Access Control vulnerability in Google Android drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28748271 and Qualcomm internal bug CR550013. | 9.3 |
| 2016-08-06 | CVE-2014-9864 | Improper Input Validation vulnerability in Google Android drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28747998 and Qualcomm internal bug CR561841. | 9.3 |
| 2016-08-06 | CVE-2014-9863 | Integer Overflow or Wraparound vulnerability in Google Android Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470. | 9.3 |
| 2016-08-05 | CVE-2016-3857 | Permissions, Privileges, and Access Controls vulnerability in Google Android The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518. | 9.3 |
| 2016-08-05 | CVE-2016-3853 | Permissions, Privileges, and Access Controls vulnerability in Google Android Google Play services in Android before 2016-08-05 on Nexus devices allow local users to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26803208. | 4.9 |
| 2016-08-05 | CVE-2016-3852 | Information Exposure vulnerability in Google Android The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29141147 and MediaTek internal bug ALPS02751738. | 4.3 |
| 2016-08-05 | CVE-2016-3851 | Permissions, Privileges, and Access Controls vulnerability in Google Android The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941. | 9.3 |
| 2016-08-05 | CVE-2016-3850 | Permissions, Privileges, and Access Controls vulnerability in Google Android Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug CR945164. | 6.9 |