Vulnerabilities > Google > Android > 4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-25 | CVE-2016-6700 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 9.3 |
| 2016-11-25 | CVE-2016-6698 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. | 4.3 |
| 2016-11-25 | CVE-2016-3907 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. | 4.3 |
| 2016-11-25 | CVE-2016-3906 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. | 4.3 |
| 2016-11-25 | CVE-2016-3904 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. | 6.8 |
| 2016-10-31 | CVE-2016-7991 | 7PK - Errors vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. | 7.8 |
| 2016-10-31 | CVE-2016-7990 | 7PK - Errors vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542. | 10.0 |
| 2016-10-31 | CVE-2016-7989 | 7PK - Security Features vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. | 7.8 |
| 2016-10-31 | CVE-2016-7988 | Permission Issues vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542. | 7.8 |
| 2016-10-10 | CVE-2016-6696 | Improper Input Validation vulnerability in Google Android sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130. | 7.5 |