Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2016-08-06 CVE-2014-9866 Improper Input Validation vulnerability in Google Android
drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28747684 and Qualcomm internal bug CR511358.
local
low complexity
google CWE-20
7.8
2016-08-06 CVE-2014-9865 Improper Access Control vulnerability in Google Android
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28748271 and Qualcomm internal bug CR550013.
local
low complexity
google CWE-284
7.8
2016-08-06 CVE-2014-9864 Improper Input Validation vulnerability in Google Android
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28747998 and Qualcomm internal bug CR561841.
local
low complexity
google CWE-20
7.8
2016-08-06 CVE-2014-9863 Integer Overflow or Wraparound vulnerability in Google Android
Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470.
local
low complexity
google CWE-190
7.8
2016-08-05 CVE-2016-3857 Permissions, Privileges, and Access Controls vulnerability in Google Android
The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.
local
low complexity
google CWE-264
7.8
2016-08-05 CVE-2016-3851 Permissions, Privileges, and Access Controls vulnerability in Google Android
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941.
network
high complexity
google CWE-264
8.1
2016-08-05 CVE-2016-3850 Permissions, Privileges, and Access Controls vulnerability in Google Android
Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug CR945164.
local
low complexity
google CWE-264
7.3
2016-08-05 CVE-2016-3849 Permissions, Privileges, and Access Controls vulnerability in Google Android
The ION driver in Android before 2016-08-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28939740.
local
low complexity
google CWE-264
7.8
2016-08-05 CVE-2016-3848 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28919417.
local
high complexity
google CWE-264
7.0
2016-08-05 CVE-2016-3847 Permissions, Privileges, and Access Controls vulnerability in Google Android
The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28871433.
local
low complexity
google CWE-264
7.8