Vulnerabilities > Google > Android > 5.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-07 | CVE-2016-0805 | Permissions, Privileges, and Access Controls vulnerability in Google Android The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204. | 8.4 |
| 2016-02-07 | CVE-2016-0804 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25070434. | 9.8 |
| 2016-02-07 | CVE-2016-0803 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794. | 9.8 |
| 2016-01-06 | CVE-2015-6647 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554. | 7.8 |
| 2016-01-06 | CVE-2015-6645 | Permissions, Privileges, and Access Controls vulnerability in Google Android SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a denial of service (continuous rebooting) via a crafted application, aka internal bug 23591205. | 5.0 |
| 2016-01-06 | CVE-2015-6644 | Information Exposure vulnerability in Google Android Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146. | 3.3 |
| 2016-01-06 | CVE-2015-6642 | Permissions, Privileges, and Access Controls vulnerability in Google Android 5.1.0/6.0/6.0.1 The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24157888. | 9.8 |