Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2016-07-11 CVE-2014-9793 7PK - Security Features vulnerability in Google Android
platform/msm_shared/mmc.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles the power-on write-protect feature, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28821253 and Qualcomm internal bug CR580567.
local
low complexity
google CWE-254
7.8
2016-07-11 CVE-2014-9792 Numeric Errors vulnerability in Google Android
arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices uses an incorrect integer data type, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769399 and Qualcomm internal bug CR550606.
local
low complexity
google CWE-189
7.8
2016-07-11 CVE-2014-9790 Permissions, Privileges, and Access Controls vulnerability in Google Android
drivers/mmc/core/debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate pointers used in read and write operations, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769136 and Qualcomm internal bug CR545716.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9789 Permissions, Privileges, and Access Controls vulnerability in Google Android
The (1) alloc and (2) free APIs in arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices do not validate parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749392 and Qualcomm internal bug CR556425.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9788 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR548872.
local
low complexity
google CWE-119
7.8
2016-07-11 CVE-2014-9787 Numeric Errors vulnerability in Google Android
Integer overflow in drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28571496 and Qualcomm internal bug CR545764.
local
low complexity
google CWE-189
7.8
2016-07-11 CVE-2014-9786 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979.
local
low complexity
google CWE-119
7.8
2016-07-11 CVE-2014-9785 Permissions, Privileges, and Access Controls vulnerability in Google Android
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate addresses before copying data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28469042 and Qualcomm internal bug CR545747.
local
low complexity
google CWE-264
7.8
2016-07-11 CVE-2014-9784 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28442449 and Qualcomm internal bug CR585147.
local
low complexity
google CWE-119
7.8
2016-07-11 CVE-2014-9783 Permissions, Privileges, and Access Controls vulnerability in Google Android
drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28441831 and Qualcomm internal bug CR511382.
local
low complexity
google CWE-264
7.8