Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2016-10380 DEPRECATED: Location vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
network
low complexity
google CWE-1
critical
9.8
2017-08-18 CVE-2016-10347 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated.
network
low complexity
google CWE-20
critical
9.8
2017-08-18 CVE-2016-10346 Integer Overflow or Wraparound vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.
network
low complexity
google CWE-190
critical
9.8
2017-08-18 CVE-2016-10344 NULL Pointer Dereference vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE.
network
low complexity
google CWE-476
critical
9.8
2017-08-18 CVE-2016-10343 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9073 NULL Pointer Dereference vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.
network
low complexity
google CWE-476
critical
9.8
2017-08-18 CVE-2015-9072 NULL Pointer Dereference vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer dereference can occur in a TrustZone syscall.
network
low complexity
google CWE-476
critical
9.8
2017-08-18 CVE-2015-9071 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9070 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in a TrustZone syscall.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9069 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted.
network
low complexity
google CWE-20
critical
9.8