Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-07 | CVE-2016-0811 | Information Exposure vulnerability in Google Android 6.0/6.0.1 Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25800375. | 7.5 |
| 2016-02-07 | CVE-2016-0810 | Permissions, Privileges, and Access Controls vulnerability in Google Android media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119. | 7.8 |
| 2016-02-07 | CVE-2016-0809 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1 Use-after-free vulnerability in the wifi_cleanup function in bcmdhd/wifi_hal/wifi_hal.cpp in Wi-Fi in Android 6.x before 2016-02-01 allows attackers to gain privileges by leveraging access to the local physical environment during execution of a crafted application, aka internal bug 25753768. | 8.8 |
| 2016-02-07 | CVE-2016-0807 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1 The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394. | 8.4 |
| 2016-02-07 | CVE-2016-0806 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453. | 8.4 |
| 2016-02-07 | CVE-2016-0805 | Permissions, Privileges, and Access Controls vulnerability in Google Android The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204. | 8.4 |
| 2016-02-07 | CVE-2016-0802 | Improper Input Validation vulnerability in multiple products The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181. | 8.8 |
| 2016-01-25 | CVE-2016-2052 | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947. | 7.6 |
| 2016-01-25 | CVE-2016-1620 | Unspecified vulnerability in Google Chrome Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 8.8 |
| 2016-01-25 | CVE-2016-1619 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. | 7.6 |