Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2018-05-10 CVE-2018-6254 Out-of-bounds Read vulnerability in Google Android
In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure.
local
low complexity
google CWE-125
3.3
3.3
2018-04-04 CVE-2016-10236 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm USB driver.
local
low complexity
google CWE-200
3.3
3.3
2018-04-04 CVE-2017-6425 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm video driver.
local
low complexity
google CWE-200
3.3
3.3
2018-04-04 CVE-2017-6426 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Qualcomm SPMI driver.
local
low complexity
google CWE-200
3.3
3.3
2017-07-06 CVE-2017-0709 Information Exposure vulnerability in Google Android 7.1.2
A information disclosure vulnerability in the HTC sensor hub driver.
local
low complexity
google CWE-200
3.3
3.3
2017-06-13 CVE-2015-9031 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by HDCP.
local
low complexity
google CWE-200
3.3
3.3
2017-06-13 CVE-2015-9032 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications.
local
low complexity
google CWE-200
3.3
3.3
2017-04-24 CVE-2017-3544 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle redhat debian google
3.7
3.7
2017-01-12 CVE-2016-6770 Improper Access Control vulnerability in Google Android
An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level.
local
low complexity
google CWE-284
3.3
3.3
2016-09-11 CVE-2016-3888 Permissions, Privileges, and Access Controls vulnerability in Google Android
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Setup Wizard provisioning stage, via unspecified vectors, aka internal bug 29420123.
low complexity
google CWE-264
2.1
2.1