Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-10 | CVE-2016-3903 | Permissions, Privileges, and Access Controls vulnerability in Google Android drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29513227 and Qualcomm internal bug CR 1040857. | 9.3 |
| 2016-10-10 | CVE-2016-3901 | Integer Overflow or Wraparound vulnerability in Google Android Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm internal bug CR 1046434. | 9.3 |
| 2016-10-10 | CVE-2016-3900 | Permissions, Privileges, and Access Controls vulnerability in Google Android cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via a crafted application, aka internal bug 29431260. | 9.3 |
| 2016-10-10 | CVE-2015-8951 | Permissions, Privileges, and Access Controls vulnerability in Google Android Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902. | 9.3 |
| 2016-09-11 | CVE-2016-3885 | Permissions, Privileges, and Access Controls vulnerability in Google Android debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations and thread exits, which allows attackers to gain privileges via a crafted application, aka internal bug 29555636. | 9.3 |
| 2016-09-11 | CVE-2016-3877 | Unspecified vulnerability in Google Android Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors. | 10.0 |
| 2016-09-11 | CVE-2016-3874 | Permissions, Privileges, and Access Controls vulnerability in Google Android CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WE_UNIT_TEST_CMD command, aka Android internal bug 29944562 and Qualcomm internal bug CR997797. | 9.3 |
| 2016-09-11 | CVE-2016-3873 | Permissions, Privileges, and Access Controls vulnerability in Google Android The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457. | 9.3 |
| 2016-09-11 | CVE-2016-3872 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to gain privileges via a crafted application, aka internal bug 29421675. | 9.3 |
| 2016-09-11 | CVE-2016-3871 | Permissions, Privileges, and Access Controls vulnerability in Google Android Multiple buffer overflows in codecs/mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow attackers to gain privileges via a crafted application, aka internal bug 29422022. | 9.3 |