Vulnerabilities > Google > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-01-12 | CVE-2016-8445 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-01-12 | CVE-2016-6788 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-01-12 | CVE-2016-6767 | Resource Management Errors vulnerability in Google Android A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 |
2017-01-12 | CVE-2016-6766 | Data Processing Errors vulnerability in Google Android A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 |
2017-01-12 | CVE-2016-6765 | Data Processing Errors vulnerability in Google Android A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 |
2017-01-12 | CVE-2016-6764 | Resource Management Errors vulnerability in Google Android A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 7.1 |
2017-01-12 | CVE-2016-6763 | Improper Access Control vulnerability in Google Android A denial of service vulnerability in Telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. | 7.1 |
2016-12-18 | CVE-2016-5185 | Use After Free vulnerability in Google Chrome Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal(), which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages. | 8.8 |
2016-12-18 | CVE-2016-5184 | Use After Free vulnerability in Google Chrome PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files. | 8.8 |
2016-12-18 | CVE-2016-5183 | Use After Free vulnerability in Google Chrome A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files. | 8.8 |