Vulnerabilities > Google > Android

DATE CVE VULNERABILITY TITLE RISK
2016-08-06 CVE-2014-9864 Improper Input Validation vulnerability in Google Android
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28747998 and Qualcomm internal bug CR561841.
local
low complexity
google CWE-20
7.8
2016-08-06 CVE-2014-9863 Integer Overflow or Wraparound vulnerability in Google Android
Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470.
local
low complexity
google CWE-190
7.8
2016-08-05 CVE-2016-3857 Permissions, Privileges, and Access Controls vulnerability in Google Android
The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.
local
low complexity
google CWE-264
7.8
2016-08-05 CVE-2016-3853 Permissions, Privileges, and Access Controls vulnerability in Google Android
Google Play services in Android before 2016-08-05 on Nexus devices allow local users to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26803208.
local
low complexity
google CWE-264
5.5
2016-08-05 CVE-2016-3852 Information Exposure vulnerability in Google Android
The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29141147 and MediaTek internal bug ALPS02751738.
local
low complexity
google CWE-200
5.5
2016-08-05 CVE-2016-3851 Permissions, Privileges, and Access Controls vulnerability in Google Android
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941.
network
high complexity
google CWE-264
8.1
2016-08-05 CVE-2016-3850 Permissions, Privileges, and Access Controls vulnerability in Google Android
Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug CR945164.
local
low complexity
google CWE-264
7.3
2016-08-05 CVE-2016-3849 Permissions, Privileges, and Access Controls vulnerability in Google Android
The ION driver in Android before 2016-08-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28939740.
local
low complexity
google CWE-264
7.8
2016-08-05 CVE-2016-3848 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28919417.
local
high complexity
google CWE-264
7.0
2016-08-05 CVE-2016-3847 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28871433.
local
low complexity
google CWE-264
7.8