Vulnerabilities > Google > Android > 2.3.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-09 | CVE-2016-2437 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822. | 7.8 |
| 2016-05-09 | CVE-2016-2436 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111. | 7.8 |
| 2016-05-09 | CVE-2016-2435 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988. | 7.8 |
| 2016-05-09 | CVE-2016-2434 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090. | 7.8 |
| 2016-05-09 | CVE-2016-2432 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059. | 7.8 |
| 2016-05-09 | CVE-2016-2431 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809. | 7.8 |
| 2016-05-09 | CVE-2016-2060 | Permissions, Privileges, and Access Controls vulnerability in Google Android server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate upstream interface names, which allows attackers to bypass intended access restrictions via a crafted application. | 7.8 |
| 2016-04-27 | CVE-2016-0774 | Improper Input Validation vulnerability in multiple products The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805. | 6.8 |