Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-12 | CVE-2016-6771 | Improper Access Control vulnerability in Google Android 6.0/6.0.1/7.0 An elevation of privilege vulnerability in Telephony could enable a local malicious application to access system functions beyond its access level. | 5.3 |
| 2017-01-12 | CVE-2016-6769 | Improper Access Control vulnerability in Google Android An elevation of privilege vulnerability in Smart Lock could enable a local malicious user to access Smart Lock settings without a PIN. | 4.6 |
| 2017-01-12 | CVE-2016-6767 | Resource Management Errors vulnerability in Google Android A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
| 2017-01-12 | CVE-2016-6766 | Data Processing Errors vulnerability in Google Android A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
| 2017-01-12 | CVE-2016-6765 | Data Processing Errors vulnerability in Google Android A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
| 2017-01-12 | CVE-2016-6764 | Resource Management Errors vulnerability in Google Android A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. | 5.5 |
| 2017-01-12 | CVE-2016-6763 | Improper Access Control vulnerability in Google Android A denial of service vulnerability in Telephony could enable a local malicious application to use a specially crafted file to cause a device hang or reboot. | 5.5 |
| 2016-12-23 | CVE-2016-6910 | Information Exposure vulnerability in Google Android 5.0.2/5.1.1/6.0.1 The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. | 5.5 |
| 2016-12-18 | CVE-2016-5193 | Improper Input Validation vulnerability in Google Chrome Google Chrome prior to 54.0 for iOS had insufficient validation of URLs for windows open by DOM, which allowed a remote attacker to bypass restrictions on navigation to certain URL schemes via crafted HTML pages. | 4.3 |
| 2016-12-18 | CVE-2016-5192 | Improper Access Control vulnerability in Google Chrome Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages. | 6.5 |