Vulnerabilities > Google > Android

DATE CVE VULNERABILITY TITLE RISK
2016-07-11 CVE-2014-9786 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979.
local
low complexity
google CWE-119
7.8
2016-07-11 CVE-2014-9785 Permissions, Privileges, and Access Controls vulnerability in Google Android
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate addresses before copying data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28469042 and Qualcomm internal bug CR545747.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9784 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28442449 and Qualcomm internal bug CR585147.
local
low complexity
google CWE-119
7.8
2016-07-11 CVE-2014-9783 Permissions, Privileges, and Access Controls vulnerability in Google Android
drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28441831 and Qualcomm internal bug CR511382.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9782 Permissions, Privileges, and Access Controls vulnerability in Google Android
drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate direction and step parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28431531 and Qualcomm internal bug CR511349.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9781 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28410333 and Qualcomm internal bug CR556471.
local
low complexity
google CWE-119
7.8
2016-07-11 CVE-2014-9780 Permissions, Privileges, and Access Controls vulnerability in Google Android
drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28602014 and Qualcomm internal bug CR542222.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9779 Permissions, Privileges, and Access Controls vulnerability in Google Android
arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted offset, aka Android internal bug 28598347 and Qualcomm internal bug CR548679.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9778 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598515 and Qualcomm internal bug CR563694.
local
low complexity
google CWE-119
7.8
2016-07-11 CVE-2014-9777 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598501 and Qualcomm internal bug CR563654.
local
low complexity
google CWE-119
7.8