Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2017-05-16 CVE-2016-10238 Permissions, Privileges, and Access Controls vulnerability in Google Android
In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue.
network
google CWE-264
critical
9.3
2017-05-16 CVE-2016-10237 Improper Access Control vulnerability in Google Android
If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory.
network
google CWE-284
critical
9.3
2017-05-16 CVE-2015-9003 Cryptographic Issues vulnerability in Google Android
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
network
google CWE-310
critical
9.3
2017-05-16 CVE-2015-9002 Numeric Errors vulnerability in Google Android
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
network
google CWE-189
critical
9.3
2017-05-16 CVE-2015-9001 Information Exposure vulnerability in Google Android
In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
network
google CWE-200
4.3
2017-05-16 CVE-2015-9000 NULL Pointer Dereference vulnerability in Google Android
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
network
google CWE-476
critical
9.3
2017-05-16 CVE-2015-8999 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.
network
google CWE-119
critical
9.3
2017-05-16 CVE-2015-8998 Integer Overflow or Wraparound vulnerability in Google Android
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
network
google CWE-190
critical
9.3
2017-05-16 CVE-2015-8997 Race Condition vulnerability in Google Android
In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.
network
high complexity
google CWE-362
7.6
2017-05-16 CVE-2015-8996 Race Condition vulnerability in Google Android
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.
network
high complexity
google CWE-362
7.6