Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2016-02-07 CVE-2016-0806 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453.
local
low complexity
google CWE-264
7.2
2016-02-07 CVE-2016-0805 Permissions, Privileges, and Access Controls vulnerability in Google Android
The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.
local
low complexity
google CWE-264
7.2
2016-02-07 CVE-2016-0802 Improper Input Validation vulnerability in multiple products
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181.
low complexity
google apple CWE-20
8.3
2016-02-07 CVE-2016-0801 Improper Input Validation vulnerability in multiple products
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
low complexity
apple google CWE-20
8.3
2016-01-06 CVE-2015-6647 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554.
local
low complexity
google CWE-264
7.8
2016-01-06 CVE-2015-6646 Resource Management Errors vulnerability in Google Android 6.0
The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manager, aka internal bug 22300191, a different vulnerability than CVE-2015-7613.
network
low complexity
google CWE-399
7.8
2016-01-06 CVE-2015-6645 Permissions, Privileges, and Access Controls vulnerability in Google Android
SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a denial of service (continuous rebooting) via a crafted application, aka internal bug 23591205.
network
google CWE-264
7.1
2016-01-06 CVE-2015-6643 Permissions, Privileges, and Access Controls vulnerability in Google Android 5.1.1/6.0/6.0.1
Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269.
local
low complexity
google CWE-264
7.2
2016-01-06 CVE-2015-6642 Permissions, Privileges, and Access Controls vulnerability in Google Android 5.1.0/6.0/6.0.1
The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24157888.
network
low complexity
google CWE-264
7.8
2016-01-06 CVE-2015-6639 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875.
local
low complexity
google CWE-264
7.8