Vulnerabilities > Google > Android > 5.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-06 | CVE-2015-6643 | Permissions, Privileges, and Access Controls vulnerability in Google Android 5.1.1/6.0/6.0.1 Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269. | 6.6 |
| 2016-01-06 | CVE-2015-6640 | Permissions, Privileges, and Access Controls vulnerability in Google Android The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123. | 7.8 |
| 2016-01-06 | CVE-2015-6639 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875. | 7.8 |
| 2016-01-06 | CVE-2015-6638 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908. | 7.8 |
| 2016-01-06 | CVE-2015-6637 | Permissions, Privileges, and Access Controls vulnerability in Google Android The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013. | 7.8 |
| 2016-01-06 | CVE-2015-6636 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670. | 9.8 |
| 2016-01-06 | CVE-2015-5310 | Information Exposure vulnerability in Google Android The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response. | 4.3 |