Vulnerabilities > Google > Android > 6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-07 | CVE-2016-0803 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794. | 9.8 |
| 2016-02-07 | CVE-2016-0802 | Improper Input Validation vulnerability in multiple products The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181. | 8.8 |
| 2016-02-07 | CVE-2016-0801 | Improper Input Validation vulnerability in multiple products The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029. | 9.8 |
| 2016-01-06 | CVE-2015-6647 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554. | 7.8 |
| 2016-01-06 | CVE-2015-6646 | Resource Management Errors vulnerability in Google Android 6.0 The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manager, aka internal bug 22300191, a different vulnerability than CVE-2015-7613. | 6.2 |
| 2016-01-06 | CVE-2015-6645 | Permissions, Privileges, and Access Controls vulnerability in Google Android SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a denial of service (continuous rebooting) via a crafted application, aka internal bug 23591205. | 5.0 |
| 2016-01-06 | CVE-2015-6644 | Information Exposure vulnerability in Google Android Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146. | 3.3 |
| 2016-01-06 | CVE-2015-6643 | Permissions, Privileges, and Access Controls vulnerability in Google Android 5.1.1/6.0/6.0.1 Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269. | 6.6 |
| 2016-01-06 | CVE-2015-6642 | Permissions, Privileges, and Access Controls vulnerability in Google Android 5.1.0/6.0/6.0.1 The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24157888. | 9.8 |
| 2016-01-06 | CVE-2015-6641 | Information Exposure vulnerability in Google Android 6.0 Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts information by leveraging pairing, aka internal bug 23607427. | 3.1 |