Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-13 | CVE-2016-1643 | 7PK - Time and State vulnerability in Google Chrome The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." | 8.8 |
| 2016-03-12 | CVE-2016-0829 | 7PK - Security Features vulnerability in Google Android The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering a QUEUE_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338109. | 7.5 |
| 2016-03-12 | CVE-2016-0828 | 7PK - Security Features vulnerability in Google Android The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an ATTACH_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338113. | 7.5 |
| 2016-03-12 | CVE-2016-0827 | Numeric Errors vulnerability in Google Android Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and EffectReverb.cpp, aka internal bug 26347509. | 7.8 |
| 2016-03-12 | CVE-2016-0826 | Permissions, Privileges, and Access Controls vulnerability in Google Android libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403. | 7.8 |
| 2016-03-12 | CVE-2016-0822 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0.1 The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324. | 7.0 |
| 2016-03-12 | CVE-2016-0820 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0.1 The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358. | 7.8 |
| 2016-03-12 | CVE-2016-0819 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034. | 7.8 |
| 2016-03-06 | CVE-2016-2844 | Improper Input Validation vulnerability in Google Chrome WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service (incorrect cast and assertion failure) or possibly have unspecified other impact via crafted JavaScript code. | 8.8 |
| 2016-03-06 | CVE-2016-1641 | Unspecified vulnerability in Google Chrome Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as demonstrated by a favicon.ico download. | 8.8 |