Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2015-9054 NULL Pointer Dereference vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced during GAL decoding.
network
low complexity
google CWE-476
critical
9.8
2017-08-18 CVE-2015-9055 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.
network
low complexity
google CWE-20
critical
9.8
2017-08-18 CVE-2015-9060 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call.
network
low complexity
google CWE-20
critical
9.8
2017-08-18 CVE-2015-9061 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed to check a length potentially leading to unauthorized access to secure memory.
network
low complexity
google CWE-20
critical
9.8
2017-08-18 CVE-2015-9062 Integer Overflow or Wraparound vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an ELF file.
network
low complexity
google CWE-190
critical
9.8
2017-08-18 CVE-2015-9063 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a procedure involving a remote UIM client.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9064 Improper Access Control vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI or IMEISV to the network on a network request before NAS security has been activated.
network
low complexity
google CWE-284
critical
9.8
2017-08-18 CVE-2015-9065 7PK - Security Features vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to a UEInformationRequest before Access Stratum security is established.
network
low complexity
google CWE-254
critical
9.8
2017-08-18 CVE-2015-9066 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an Inter-RAT procedure.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9067 Unspecified vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed.
network
low complexity
google
critical
9.8