Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2016-10340 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
local
low complexity
google CWE-119
7.8
7.8
2017-06-13 CVE-2016-10339 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
local
low complexity
google CWE-200
7.1
7.1
2017-06-13 CVE-2016-10338 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing.
local
low complexity
google CWE-20
7.8
7.8
2017-06-13 CVE-2015-9033 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer.
local
low complexity
google CWE-20
7.8
7.8
2017-06-13 CVE-2015-9030 Missing Authentication for Critical Function vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.
local
low complexity
google CWE-306
7.8
7.8
2017-06-13 CVE-2015-9029 Improper Access Control vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory.
local
low complexity
google CWE-284
7.8
7.8
2017-06-13 CVE-2015-9028 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a cryptographic routine.
local
low complexity
google CWE-119
7.8
7.8
2017-06-13 CVE-2015-9027 NULL Pointer Dereference vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.
local
low complexity
google CWE-476
7.8
7.8
2017-06-13 CVE-2015-9026 NULL Pointer Dereference vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM.
local
low complexity
google CWE-476
7.8
7.8
2017-06-13 CVE-2015-9025 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application.
local
low complexity
google CWE-119
7.8
7.8