Vulnerabilities > Google > Android > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-10 | CVE-2016-6696 | Improper Input Validation vulnerability in Google Android sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130. | 9.8 |
| 2016-10-10 | CVE-2016-3926 | Unspecified vulnerability in Google Android Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953. | 9.8 |
| 2016-10-10 | CVE-2016-3927 | Unspecified vulnerability in Google Android Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244. | 9.8 |
| 2016-10-10 | CVE-2016-3929 | Unspecified vulnerability in Google Android Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823675. | 9.8 |
| 2016-09-11 | CVE-2016-3877 | Unspecified vulnerability in Google Android Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors. | 9.8 |
| 2016-08-30 | CVE-2016-5344 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size value, related to mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c. | 9.8 |
| 2016-08-05 | CVE-2014-9902 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a crafted Information Element (IE) in an 802.11 management frame, aka Android internal bug 28668638 and Qualcomm internal bugs CR553937 and CR553941. | 9.8 |
| 2016-08-05 | CVE-2016-3819 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28533562. | 9.8 |
| 2016-08-05 | CVE-2016-3820 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 6.0/6.0.1 The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 mishandles slice numbers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28673410. | 9.8 |
| 2016-08-05 | CVE-2016-3821 | NULL Pointer Dereference vulnerability in Google Android libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory corruption) via a crafted media file, aka internal bug 28166152. | 9.8 |