Vulnerabilities > Google > Android > 2.2.3

DATE CVE VULNERABILITY TITLE RISK
2016-08-05 CVE-2014-9902 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a crafted Information Element (IE) in an 802.11 management frame, aka Android internal bug 28668638 and Qualcomm internal bugs CR553937 and CR553941.
network
low complexity
google CWE-119
critical
10.0
2016-08-05 CVE-2014-9901 Improper Access Control vulnerability in Google Android
The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via crafted frames, aka Android internal bug 28670333 and Qualcomm internal bug CR548711.
network
low complexity
google CWE-284
7.8
2016-07-11 CVE-2016-3816 Information Exposure vulnerability in Google Android
The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28402240.
network
google CWE-200
4.3
2016-07-11 CVE-2016-3815 Information Exposure vulnerability in Google Android
The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28522274.
network
google CWE-200
4.3
2016-07-11 CVE-2016-3814 Information Exposure vulnerability in Google Android
The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28193342.
network
google CWE-200
4.3
2016-07-11 CVE-2016-3813 Information Exposure vulnerability in Google Android
The Qualcomm USB driver in Android before 2016-07-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28172322 and Qualcomm internal bug CR1010222.
network
google CWE-200
4.3
2016-07-11 CVE-2016-3812 Information Exposure vulnerability in Google Android
The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832.
network
google CWE-200
4.3
2016-07-11 CVE-2016-3811 Permissions, Privileges, and Access Controls vulnerability in Google Android
The kernel video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28447556.
network
google CWE-264
critical
9.3
2016-07-11 CVE-2016-3810 Information Exposure vulnerability in Google Android
The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28175522 and MediaTek internal bug ALPS02694389.
network
google CWE-200
4.3
2016-07-11 CVE-2016-3809 Information Exposure vulnerability in Google Android
The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522.
network
google CWE-200
4.3