Vulnerabilities > Google > Android > 4.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-11 | CVE-2014-9778 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598515 and Qualcomm internal bug CR563694. | 7.8 |
| 2016-07-11 | CVE-2014-9777 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598501 and Qualcomm internal bug CR563654. | 7.8 |
| 2016-07-11 | CVE-2013-7457 | Unspecified vulnerability in Google Android Unspecified vulnerability in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application. | 7.8 |
| 2016-06-13 | CVE-2016-2499 | Information Exposure vulnerability in Google Android AudioSource.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not initialize certain data, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 27855172. | 5.5 |
| 2016-06-13 | CVE-2016-2495 | Improper Input Validation vulnerability in Google Android SampleTable.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28076789. | 5.5 |
| 2016-06-13 | CVE-2016-2494 | Permissions, Privileges, and Access Controls vulnerability in Google Android Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28085658. | 7.8 |
| 2016-06-13 | CVE-2016-2493 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Broadcom Wi-Fi driver in Android before 2016-06-01 on Nexus 5, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 26571522. | 7.8 |
| 2016-06-13 | CVE-2016-2491 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27556408. | 7.8 |
| 2016-06-13 | CVE-2016-2490 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA camera driver in Android before 2016-06-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27533373. | 7.8 |
| 2016-06-13 | CVE-2016-2489 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629. | 7.8 |