Vulnerabilities > Google > Android > 4.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-11 | CVE-2016-3867 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897. | 9.3 |
| 2016-09-11 | CVE-2016-3866 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820. | 9.3 |
| 2016-09-11 | CVE-2016-3865 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389. | 9.3 |
| 2016-09-11 | CVE-2016-3864 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117. | 9.3 |
| 2016-09-11 | CVE-2016-3863 | Improper Access Control vulnerability in Google Android Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in libstagefright in MediaMuxer in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to execute arbitrary code via a crafted media file, aka internal bug 29161888. | 6.8 |
| 2016-09-11 | CVE-2016-3862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 does not properly interact with the use of static variables in libjhead_jni, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 29270469. | 9.3 |
| 2016-09-11 | CVE-2016-3861 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543. | 9.3 |
| 2016-09-11 | CVE-2016-3859 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28815326 and Qualcomm internal bug CR1034641. | 9.3 |
| 2016-09-11 | CVE-2016-3858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcomm subsystem driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application that provides a long string, aka Android internal bug 28675151 and Qualcomm internal bug CR1022641. | 9.3 |
| 2016-08-30 | CVE-2016-5344 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size value, related to mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c. | 7.5 |