Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-12 | CVE-2016-6784 | Improper Access Control vulnerability in Google Android 6.0.1 An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-12 | CVE-2016-6783 | Improper Access Control vulnerability in Google Android An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-12 | CVE-2016-6772 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
| 2017-01-12 | CVE-2016-6768 | Improper Access Control vulnerability in Google Android A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. | 7.8 |
| 2017-01-12 | CVE-2016-6762 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |
| 2016-12-18 | CVE-2016-5185 | Use After Free vulnerability in Google Chrome Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal(), which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages. | 8.8 |
| 2016-12-18 | CVE-2016-5184 | Use After Free vulnerability in Google Chrome PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files. | 8.8 |
| 2016-12-18 | CVE-2016-5183 | Use After Free vulnerability in Google Chrome A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files. | 8.8 |
| 2016-12-18 | CVE-2016-5182 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages. | 8.8 |
| 2016-12-13 | CVE-2016-6706 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. | 7.8 |