Vulnerabilities > Google > Android > 4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-05 | CVE-2016-3823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329. | 4.6 |
| 2016-08-05 | CVE-2016-3822 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data, aka internal bug 28868315. | 6.8 |
| 2016-08-05 | CVE-2016-3821 | NULL Pointer Dereference vulnerability in Google Android libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory corruption) via a crafted media file, aka internal bug 28166152. | 7.5 |
| 2016-08-05 | CVE-2016-3819 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28533562. | 7.5 |
| 2016-08-05 | CVE-2016-2504 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026365 and Qualcomm internal bug CR1002974. | 6.9 |
| 2016-08-05 | CVE-2016-2497 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal bug 27450489. | 7.5 |
| 2016-08-05 | CVE-2014-9902 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a crafted Information Element (IE) in an 802.11 management frame, aka Android internal bug 28668638 and Qualcomm internal bugs CR553937 and CR553941. | 10.0 |
| 2016-08-05 | CVE-2014-9901 | Improper Access Control vulnerability in Google Android The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via crafted frames, aka Android internal bug 28670333 and Qualcomm internal bug CR548711. | 7.8 |
| 2016-07-11 | CVE-2016-3818 | Improper Access Control vulnerability in Google Android libc in Android 4.x before 4.4.4 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28740702. | 7.1 |
| 2016-07-11 | CVE-2016-3816 | Information Exposure vulnerability in Google Android The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28402240. | 4.3 |