Vulnerabilities > Google > Android > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-16 | CVE-2016-5347 | Information Exposure vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver. | 2.6 |
| 2017-08-16 | CVE-2016-5854 | Information Exposure vulnerability in Google Android In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace. | 2.6 |
| 2017-08-16 | CVE-2016-5855 | Information Exposure vulnerability in Google Android In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough. | 2.6 |
| 2017-08-16 | CVE-2016-5858 | Information Exposure vulnerability in Google Android In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs. | 2.6 |
| 2017-08-07 | CVE-2015-3839 | NULL Pointer Dereference vulnerability in Google Android The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). | 2.1 |
| 2017-07-17 | CVE-2017-3742 | Information Exposure vulnerability in Lenovo Connect2 In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. | 2.3 |
| 2017-07-07 | CVE-2014-7954 | Path Traversal vulnerability in Google Android 4.4.4 Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. | 2.1 |
| 2017-06-27 | CVE-2015-3840 | Improper Access Control vulnerability in Google Android The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission. | 2.1 |
| 2017-03-08 | CVE-2017-0498 | Denial of Service vulnerability in Google Android Setup Wizard A denial of service vulnerability in Setup Wizard could allow a local attacker to require Google account sign-in after a factory reset. | 2.1 |
| 2017-03-08 | CVE-2017-0532 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. | 2.6 |