Vulnerabilities > Google > Android
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-12-13 | CVE-2016-6711 | Improper Input Validation vulnerability in Google Android A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
2016-12-13 | CVE-2016-6706 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
2016-12-13 | CVE-2016-6699 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. | 7.8 |
2016-12-08 | CVE-2015-8967 | Permissions, Privileges, and Access Controls vulnerability in multiple products arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access. | 7.8 |
2016-12-06 | CVE-2016-5341 | Improper Access Control vulnerability in Google Android The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a denial of service (GPS signal-acquisition delay) via an incorrect xtra.bin or xtra2.bin file on a spoofed Qualcomm gpsonextra.net or izatcloud.net host, aka internal bug 31470303 and external bug 211602 (and AndroidID-7225554). | 5.9 |
2016-11-25 | CVE-2016-6754 | Injection vulnerability in Google Android A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to execute arbitrary code when the user is navigating to a website. | 8.8 |
2016-11-25 | CVE-2016-6753 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. | 5.5 |
2016-11-25 | CVE-2016-6752 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. | 5.5 |
2016-11-25 | CVE-2016-6751 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. | 5.5 |
2016-11-25 | CVE-2016-6750 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. | 5.5 |