Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2016-10380 DEPRECATED: Location vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
network
low complexity
google CWE-1
critical
 9.8
9.8
2017-08-18 CVE-2016-10381 DEPRECATED: Location vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
network
low complexity
google CWE-1
critical
 9.8
9.8
2017-08-18 CVE-2016-10382 Improper Access Control vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient.
network
low complexity
google CWE-284
critical
 9.8
9.8
2017-08-18 CVE-2016-10384 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.
network
low complexity
google CWE-20
critical
 9.8
9.8
2017-08-18 CVE-2016-10385 Use After Free vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS.
network
low complexity
google CWE-416
critical
 9.8
9.8
2017-08-18 CVE-2016-10386 Improper Validation of Array Index vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
network
low complexity
google CWE-129
critical
 9.8
9.8
2017-08-18 CVE-2016-10387 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario.
network
low complexity
google CWE-20
critical
 9.8
9.8
2017-08-18 CVE-2016-10388 Configuration vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.
network
low complexity
google CWE-16
critical
 9.8
9.8
2017-08-18 CVE-2016-10390 Resource Management Errors vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.
network
low complexity
google CWE-399
critical
 9.8
9.8
2017-08-18 CVE-2016-10391 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
network
low complexity
google CWE-20
critical
 9.8
9.8