Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-10 | CVE-2016-3927 | Unspecified vulnerability in Google Android Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244. | 9.8 |
| 2016-10-10 | CVE-2016-3926 | Unspecified vulnerability in Google Android Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953. | 9.8 |
| 2016-10-10 | CVE-2016-3925 | Improper Access Control vulnerability in Google Android 6.0/6.0.1/7.0 server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to cause a denial of service (blocked Wi-Fi usage) via a crafted application, aka internal bug 30230534. | 5.5 |
| 2016-10-10 | CVE-2016-3924 | Information Exposure vulnerability in Google Android services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate EFFECT_CMD_SET_PARAM and EFFECT_CMD_SET_PARAM_DEFERRED commands, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 30204301. | 5.5 |
| 2016-10-10 | CVE-2016-3923 | Improper Access Control vulnerability in Google Android The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115. | 5.5 |
| 2016-10-10 | CVE-2016-3922 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1/7.0 libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619. | 7.8 |
| 2016-10-10 | CVE-2016-3921 | Permissions, Privileges, and Access Controls vulnerability in Google Android libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 29831647. | 7.8 |
| 2016-10-10 | CVE-2016-3920 | Improper Input Validation vulnerability in Google Android id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 30744884. | 5.5 |
| 2016-10-10 | CVE-2016-3918 | Information Exposure vulnerability in Google Android email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read arbitrary attachments via a crafted application that provides a pathname value, aka internal bug 30745403. | 5.5 |
| 2016-10-10 | CVE-2016-3917 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0.1/7.0 The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveraging lockscreen access, aka internal bug 30744668. | 7.8 |