CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score >= 9)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-3679 DoS 2016-03-29 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
2 CVE-2016-2844 20 DoS 2016-03-05 2016-03-08
9.3
None Remote Medium Not required Complete Complete Complete
WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service (incorrect cast and assertion failure) or possibly have unspecified other impact via crafted JavaScript code.
3 CVE-2016-2843 DoS 2016-03-05 2016-03-08
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
4 CVE-2016-2452 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bugs 27662364 and 27843673.
5 CVE-2016-2451 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27597103.
6 CVE-2016-2450 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27569635.
7 CVE-2016-2449 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
services/camera/libcameraservice/device3/Camera3Device.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate template IDs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27568958.
8 CVE-2016-2448 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27533704.
9 CVE-2016-2440 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 mishandles object references, which allows attackers to gain privileges via a crafted application, aka internal bug 27252896.
10 CVE-2016-2437 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.
11 CVE-2016-2436 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.
12 CVE-2016-2435 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.
13 CVE-2016-2434 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.
14 CVE-2016-2432 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.
15 CVE-2016-2431 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809.
16 CVE-2016-2430 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236.
17 CVE-2016-2429 119 DoS Exec Code Overflow Mem. Corr. 2016-05-09 2016-05-10
10.0
None Remote Low Not required Complete Complete Complete
libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted media file, aka internal bug 27211885.
18 CVE-2016-2428 119 DoS Exec Code Overflow Mem. Corr. 2016-05-09 2016-05-10
10.0
None Remote Low Not required Complete Complete Complete
libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted media file, aka internal bug 26751339.
19 CVE-2016-2422 264 +Priv 2016-04-17 2016-04-25
9.3
None Remote Medium Not required Complete Complete Complete
Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not prevent use of a Wi-Fi CA certificate in an unrelated CA role, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26324357.
20 CVE-2016-2420 264 +Priv 2016-04-17 2016-04-22
9.3
None Remote Medium Not required Complete Complete Complete
rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to gain privileges via a crafted application, aka internal bug 26403620.
21 CVE-2016-2419 264 Bypass +Info 2016-04-17 2016-04-25
10.0
None Remote Low Not required Complete Complete Complete
media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26323455.
22 CVE-2016-2418 119 Overflow Bypass +Info 2016-04-17 2016-04-20
10.0
None Remote Low Not required Complete Complete Complete
media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26324358.
23 CVE-2016-2417 264 Bypass +Info 2016-04-17 2016-04-25
10.0
None Remote Low Not required Complete Complete Complete
media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26914474.
24 CVE-2016-2416 264 Bypass +Info 2016-04-17 2016-04-25
10.0
None Remote Low Not required Complete Complete Complete
libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via a dump request, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27046057.
25 CVE-2016-2413 264 +Priv 2016-04-17 2016-04-21
9.3
None Remote Medium Not required Complete Complete Complete
media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a handle pointer, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26403627.
26 CVE-2016-2412 264 +Priv 2016-04-17 2016-04-22
9.3
None Remote Medium Not required Complete Complete Complete
include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26593930.
27 CVE-2016-2411 20 +Priv 2016-04-17 2016-04-19
9.3
None Remote Medium Not required Complete Complete Complete
A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053.
28 CVE-2016-2409 264 +Priv 2016-04-17 2016-04-21
9.3
None Remote Medium Not required Complete Complete Complete
A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka internal bug 25981545.
29 CVE-2016-2060 264 Bypass 2016-05-09 2016-05-16
9.3
None Remote Medium Not required Complete Complete Complete
server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate upstream interface names, which allows attackers to bypass intended access restrictions via a crafted application.
30 CVE-2016-1906 264 +Priv 2016-02-03 2016-02-25
10.0
None Remote Low Not required Complete Complete Complete
The API server in Kubernetes might allow remote attackers to gain privileges by editing a build configuration to use a restricted strategy.
31 CVE-2016-1669 119 DoS Overflow 2016-05-14 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
32 CVE-2016-1662 DoS 2016-05-14 2016-05-18
10.0
None Remote Low Not required Complete Complete Complete
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
33 CVE-2016-1659 DoS 2016-04-18 2016-05-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
34 CVE-2016-1653 119 DoS Overflow 2016-04-18 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc.
35 CVE-2016-1650 DoS 2016-03-29 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document.
36 CVE-2016-1649 119 DoS Overflow 2016-03-29 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages.
37 CVE-2016-1648 DoS 2016-03-29 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.
38 CVE-2016-1647 DoS 2016-03-29 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
39 CVE-2016-1646 119 DoS Overflow 2016-03-29 2016-05-18
9.3
None Remote Medium Not required Complete Complete Complete
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
40 CVE-2016-1645 119 DoS Overflow 2016-03-13 2016-03-18
9.3
None Remote Medium Not required Complete Complete Complete
Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.
41 CVE-2016-1644 DoS 2016-03-13 2016-03-18
9.3
None Remote Medium Not required Complete Complete Complete
WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document.
42 CVE-2016-1643 361 DoS 2016-03-13 2016-03-18
9.3
None Remote Medium Not required Complete Complete Complete
The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
43 CVE-2016-1642 DoS 2016-03-05 2016-03-08
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
44 CVE-2016-1641 DoS 2016-03-05 2016-03-08
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as demonstrated by a favicon.ico download.
45 CVE-2016-1639 DoS 2016-03-05 2016-03-07
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect reliance on the resource context pointer.
46 CVE-2016-1635 DoS 2016-03-05 2016-03-07
10.0
None Remote Low Not required Complete Complete Complete
extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
47 CVE-2016-1634 DoS 2016-03-05 2016-03-07
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action.
48 CVE-2016-1633 DoS 2016-03-05 2016-03-07
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
49 CVE-2016-1629 264 Bypass 2016-02-21 2016-03-01
10.0
None Remote Low Not required Complete Complete Complete
Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors.
50 CVE-2016-1621 119 DoS Exec Code Overflow Mem. Corr. 2016-03-12 2016-03-21
10.0
None Remote Low Not required Complete Complete Complete
libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792.
Total number of vulnerabilities : 385   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.