Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2016-05-09 CVE-2016-2462 Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1
OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2461 Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1
OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2454 Improper Input Validation vulnerability in Google Android
The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024.
network
google CWE-20
7.1
7.1
2016-05-09 CVE-2016-2453 Permissions, Privileges, and Access Controls vulnerability in Google Android ONE
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2446 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2445 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2444 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2443 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2442 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907.
network
high complexity
google CWE-264
7.6
7.6
2016-05-09 CVE-2016-2441 Permissions, Privileges, and Access Controls vulnerability in Google Android
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602.
network
high complexity
google CWE-264
7.6
7.6