Vulnerabilities > Google > Android > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-24 | CVE-2017-3544 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). | 3.7 |
2017-01-12 | CVE-2016-6770 | Improper Access Control vulnerability in Google Android An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. | 3.3 |
2016-09-11 | CVE-2016-3888 | Permissions, Privileges, and Access Controls vulnerability in Google Android internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Setup Wizard provisioning stage, via unspecified vectors, aka internal bug 29420123. | 2.1 |
2016-07-11 | CVE-2016-3763 | Improper Input Validation vulnerability in Google Android net/PacProxySelector.java in the Proxy Auto-Config (PAC) feature in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, aka internal bug 27593919. | 3.3 |
2016-07-11 | CVE-2016-3759 | Information Exposure vulnerability in Google Android The Framework APIs in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to read backup data via a crafted application that leverages priv-app access to insert a backup transport, aka internal bug 28406080. | 3.3 |
2016-01-06 | CVE-2015-6641 | Information Exposure vulnerability in Google Android 6.0 Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts information by leveraging pairing, aka internal bug 23607427. | 3.1 |
2016-01-06 | CVE-2015-6644 | Information Exposure vulnerability in Google Android Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146. | 3.3 |