Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-10 | CVE-2016-5325 | HTTP Response Splitting vulnerability in multiple products CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument. | 6.1 |
| 2016-10-10 | CVE-2016-6690 | Improper Access Control vulnerability in Google Android The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of service (reboot) via a crafted application, aka internal bug 28838221. | 5.5 |
| 2016-10-10 | CVE-2016-6689 | Information Exposure vulnerability in Google Android Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347. | 5.5 |
| 2016-10-10 | CVE-2016-6688 | Information Exposure vulnerability in Google Android The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080. | 5.5 |
| 2016-10-10 | CVE-2016-6687 | Information Exposure vulnerability in Google Android The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222. | 5.5 |
| 2016-10-10 | CVE-2016-6686 | Information Exposure vulnerability in Google Android The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101. | 5.5 |
| 2016-10-10 | CVE-2016-6685 | Information Exposure vulnerability in Google Android The kernel in Android before 2016-10-05 on Nexus 6P devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30402628. | 5.5 |
| 2016-10-10 | CVE-2016-6684 | Information Exposure vulnerability in Google Android 7.0 The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243. | 5.5 |
| 2016-10-10 | CVE-2016-6683 | Information Exposure vulnerability in Google Android The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283. | 5.5 |
| 2016-10-10 | CVE-2016-6682 | Information Exposure vulnerability in Google Android drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 30152501 and Qualcomm internal bug CR 1049615. | 5.5 |