Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-0571 9.3
The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to
31-07-2020 - 18:56 09-05-2016 - 10:59
CVE-2015-0570 9.3
Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other pro
31-07-2020 - 18:51 09-05-2016 - 10:59
CVE-2015-0569 9.3
Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices
31-07-2020 - 18:45 09-05-2016 - 10:59
CVE-2016-2460 4.3
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGrap
11-07-2019 - 14:15 09-05-2016 - 10:59
CVE-2016-0705 10.0
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other imp
20-02-2019 - 16:59 03-03-2016 - 20:59
CVE-2015-1805 7.2
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a den
05-01-2018 - 02:30 08-08-2015 - 10:59
CVE-2016-4477 4.4
wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafte
23-10-2017 - 01:29 09-05-2016 - 10:59
CVE-2016-2434 9.3
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.
19-10-2017 - 01:30 09-05-2016 - 10:59
CVE-2016-2431 9.3
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809.
02-09-2017 - 15:01 09-05-2016 - 10:59
CVE-2016-2446 7.6
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
13-08-2017 - 01:29 09-05-2016 - 10:59
CVE-2016-0774 5.6
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do
03-12-2016 - 03:18 27-04-2016 - 17:59
CVE-2016-2442 7.6
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907.
18-08-2016 - 15:21 09-05-2016 - 10:59
CVE-2016-2441 7.6
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602.
16-08-2016 - 12:41 09-05-2016 - 10:59
CVE-2016-2457 2.1
server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to bypass intended restrictions on Wi-Fi configuration changes by leveraging guest access, aka internal bug 27411
12-07-2016 - 17:11 09-05-2016 - 10:59
CVE-2016-2456 5.1
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187.
16-05-2016 - 18:37 09-05-2016 - 10:59
CVE-2016-2060 9.3
server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate upstream interface names, which allows attacke
16-05-2016 - 13:56 09-05-2016 - 10:59
CVE-2016-2461 7.6
OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 276966
10-05-2016 - 18:23 09-05-2016 - 10:59
CVE-2016-2462 7.6
OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173.
10-05-2016 - 18:20 09-05-2016 - 10:59
CVE-2016-2439 5.4
Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows remote attackers to execute arbitrary code via a long PIN value, aka internal bug 27411268.
10-05-2016 - 17:57 09-05-2016 - 10:59
CVE-2016-2458 4.3
The compose functionality in AOSP Mail in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly restrict attachments, which allows attackers to obtain sensitive information via a crafted application, related to C
10-05-2016 - 17:56 09-05-2016 - 10:59
CVE-2016-2448 9.3
media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to
10-05-2016 - 17:55 09-05-2016 - 10:59
CVE-2016-2449 9.3
services/camera/libcameraservice/device3/Camera3Device.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate template IDs, which allows attackers to gain privileges via a c
10-05-2016 - 17:55 09-05-2016 - 10:59
CVE-2016-2452 9.3
codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted appli
10-05-2016 - 17:54 09-05-2016 - 10:59
CVE-2016-2440 9.3
libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 mishandles object references, which allows attackers to gain privileges via a crafted application, aka internal bu
10-05-2016 - 17:28 09-05-2016 - 10:59
CVE-2016-2429 10.0
libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which allows remote attackers to execute arbitrary code o
10-05-2016 - 17:27 09-05-2016 - 10:59
CVE-2016-2428 10.0
libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause
10-05-2016 - 17:25 09-05-2016 - 10:59
CVE-2016-2430 9.3
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236.
10-05-2016 - 17:20 09-05-2016 - 10:59
CVE-2016-2451 9.3
codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a craf
10-05-2016 - 17:15 09-05-2016 - 10:59
CVE-2016-2450 9.3
codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a craf
10-05-2016 - 17:15 09-05-2016 - 10:59
CVE-2016-2459 4.3
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGrap
09-05-2016 - 22:08 09-05-2016 - 10:59
CVE-2016-2432 9.3
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.
09-05-2016 - 22:04 09-05-2016 - 10:59
CVE-2016-2437 9.3
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.
09-05-2016 - 21:55 09-05-2016 - 10:59
CVE-2016-2445 7.6
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
09-05-2016 - 21:55 09-05-2016 - 10:59
CVE-2016-2453 7.6
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705.
09-05-2016 - 21:54 09-05-2016 - 10:59
CVE-2016-2435 9.3
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.
09-05-2016 - 21:53 09-05-2016 - 10:59
CVE-2016-2444 7.6
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.
09-05-2016 - 21:52 09-05-2016 - 10:59
CVE-2016-2443 7.6
The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525.
09-05-2016 - 21:49 09-05-2016 - 10:59
CVE-2016-2436 9.3
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.
09-05-2016 - 21:47 09-05-2016 - 10:59
CVE-2016-2454 7.1
The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024.
09-05-2016 - 21:29 09-05-2016 - 10:59
Back to Top Mark selected
Back to Top