CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-4477 19 DoS +Priv 2016-05-09 2016-05-10
4.4
None Local Medium Not required Partial Partial Partial
wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.
2 CVE-2016-2456 264 +Priv 2016-05-09 2016-05-16
5.1
None Remote High Not required Partial Partial Partial
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187.
3 CVE-2016-2453 264 +Priv 2016-05-09 2016-05-09
7.6
None Remote High Not required Complete Complete Complete
The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27549705.
4 CVE-2016-2452 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bugs 27662364 and 27843673.
5 CVE-2016-2451 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27597103.
6 CVE-2016-2450 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27569635.
7 CVE-2016-2449 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
services/camera/libcameraservice/device3/Camera3Device.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate template IDs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27568958.
8 CVE-2016-2448 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly validate entry data structures, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27533704.
9 CVE-2016-2446 264 +Priv 2016-05-09 2016-05-09
7.6
None Remote High Not required Complete Complete Complete
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
10 CVE-2016-2445 264 +Priv 2016-05-09 2016-05-09
7.6
None Remote High Not required Complete Complete Complete
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
11 CVE-2016-2444 264 +Priv 2016-05-09 2016-05-09
7.6
None Remote High Not required Complete Complete Complete
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.
12 CVE-2016-2443 264 +Priv 2016-05-09 2016-05-09
7.6
None Remote High Not required Complete Complete Complete
The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525.
13 CVE-2016-2442 264 +Priv 2016-05-09 2016-05-10
7.6
None Remote High Not required Complete Complete Complete
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907.
14 CVE-2016-2441 264 +Priv 2016-05-09 2016-05-10
7.6
None Remote High Not required Complete Complete Complete
The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602.
15 CVE-2016-2440 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
libs/binder/IPCThreadState.cpp in Binder in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 mishandles object references, which allows attackers to gain privileges via a crafted application, aka internal bug 27252896.
16 CVE-2016-2437 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.
17 CVE-2016-2436 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.
18 CVE-2016-2435 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.
19 CVE-2016-2434 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.
20 CVE-2016-2432 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.
21 CVE-2016-2431 264 +Priv 2016-05-09 2016-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809.
22 CVE-2016-2430 264 +Priv 2016-05-09 2016-05-10
9.3
None Remote Medium Not required Complete Complete Complete
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236.
23 CVE-2016-2422 264 +Priv 2016-04-17 2016-04-25
9.3
None Remote Medium Not required Complete Complete Complete
Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not prevent use of a Wi-Fi CA certificate in an unrelated CA role, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26324357.
24 CVE-2016-2420 264 +Priv 2016-04-17 2016-04-22
9.3
None Remote Medium Not required Complete Complete Complete
rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to gain privileges via a crafted application, aka internal bug 26403620.
25 CVE-2016-2413 264 +Priv 2016-04-17 2016-04-21
9.3
None Remote Medium Not required Complete Complete Complete
media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a handle pointer, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26403627.
26 CVE-2016-2412 264 +Priv 2016-04-17 2016-04-22
9.3
None Remote Medium Not required Complete Complete Complete
include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26593930.
27 CVE-2016-2411 20 +Priv 2016-04-17 2016-04-19
9.3
None Remote Medium Not required Complete Complete Complete
A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053.
28 CVE-2016-2410 264 +Priv 2016-04-17 2016-04-20
6.9
None Local Medium Not required Complete Complete Complete
A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka internal bug 26291677.
29 CVE-2016-2409 264 +Priv 2016-04-17 2016-04-21
9.3
None Remote Medium Not required Complete Complete Complete
A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka internal bug 25981545.
30 CVE-2016-1906 264 +Priv 2016-02-03 2016-02-25
10.0
None Remote Low Not required Complete Complete Complete
The API server in Kubernetes might allow remote attackers to gain privileges by editing a build configuration to use a restricted strategy.
31 CVE-2016-0849 189 Overflow +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26960931.
32 CVE-2016-0846 264 +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26877992.
33 CVE-2016-0844 264 +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug 26324307.
34 CVE-2016-0843 264 +Priv 2016-04-17 2016-04-20
7.2
None Local Low Not required Complete Complete Complete
The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application, aka internal bug 25801197.
35 CVE-2016-0827 189 Overflow +Priv 2016-03-12 2016-03-21
9.3
None Remote Medium Not required Complete Complete Complete
Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, related to EffectBundle.cpp and EffectReverb.cpp, aka internal bug 26347509.
36 CVE-2016-0826 264 +Priv 2016-03-12 2016-03-21
9.3
None Remote Medium Not required Complete Complete Complete
libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403.
37 CVE-2016-0822 264 +Priv 2016-03-12 2016-03-22
7.6
None Remote High Not required Complete Complete Complete
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.
38 CVE-2016-0820 264 +Priv 2016-03-12 2016-03-21
9.3
None Remote Medium Not required Complete Complete Complete
The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358.
39 CVE-2016-0819 264 +Priv 2016-03-12 2016-03-21
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034.
40 CVE-2016-0810 264 +Priv 2016-02-06 2016-03-14
6.9
None Local Medium Not required Complete Complete Complete
media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119.
41 CVE-2016-0809 264 +Priv 2016-02-06 2016-03-14
8.3
None Local Network Low Not required Complete Complete Complete
Use-after-free vulnerability in the wifi_cleanup function in bcmdhd/wifi_hal/wifi_hal.cpp in Wi-Fi in Android 6.x before 2016-02-01 allows attackers to gain privileges by leveraging access to the local physical environment during execution of a crafted application, aka internal bug 25753768.
42 CVE-2016-0807 264 +Priv 2016-02-06 2016-03-11
7.2
None Local Low Not required Complete Complete Complete
The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394.
43 CVE-2016-0806 264 +Priv 2016-02-06 2016-03-16
7.2
None Local Low Not required Complete Complete Complete
The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453.
44 CVE-2016-0805 264 +Priv 2016-02-06 2016-03-11
7.2
None Local Low Not required Complete Complete Complete
The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.
45 CVE-2016-0774 20 DoS +Priv 2016-04-27 2016-05-16
5.6
None Local Low Not required Partial None Complete
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-1805.
46 CVE-2016-0728 DoS Overflow +Priv 2016-02-07 2016-03-24
7.2
None Local Low Not required Complete Complete Complete
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
47 CVE-2015-7717 264 +Priv 2015-10-06 2015-10-07
9.3
None Remote Medium Not required Complete Complete Complete
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 19573085, a different vulnerability than CVE-2015-6596.
48 CVE-2015-6647 264 +Priv 2016-01-06 2016-01-07
9.3
None Remote Medium Not required Complete Complete Complete
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554.
49 CVE-2015-6640 264 DoS +Priv 2016-01-06 2016-01-07
9.3
None Remote Medium Not required Complete Complete Complete
The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123.
50 CVE-2015-6639 264 +Priv 2016-01-06 2016-01-07
9.3
None Remote Medium Not required Complete Complete Complete
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875.
Total number of vulnerabilities : 86   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.