CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
651 CVE-2016-6703 284 Exec Code 2016-11-25 2016-12-06
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.
652 CVE-2016-6702 284 Exec Code 2016-11-25 2016-12-06
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses libjpeg. Android ID: A-30259087.
653 CVE-2016-6701 119 Exec Code Overflow Mem. Corr. 2016-11-25 2016-12-06
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of the gallery process. Android ID: A-30190637.
654 CVE-2016-6700 264 Exec Code 2016-11-25 2016-12-06
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30916186.
655 CVE-2016-6699 119 Exec Code Overflow Mem. Corr. 2016-12-13 2016-12-14
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Android ID: A-31373622.
656 CVE-2016-6698 200 +Info 2016-11-25 2016-12-06
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30741851. References: Qualcomm QC-CR#1058826.
657 CVE-2016-6696 20 DoS 2016-10-10 2016-12-06
7.5
None Remote Low Not required Partial Partial Partial
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130.
658 CVE-2016-6695 119 DoS Overflow 2016-10-10 2016-12-06
7.5
None Remote Low Not required Partial Partial Partial
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR 1033540.
659 CVE-2016-6694 20 DoS 2016-10-10 2016-12-06
7.5
None Remote Low Not required Partial Partial Partial
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033525.
660 CVE-2016-6693 20 DoS 2016-10-10 2016-12-06
7.5
None Remote Low Not required Partial Partial Partial
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585.
661 CVE-2016-6692 476 DoS 2016-10-10 2016-12-06
7.5
None Remote Low Not required Partial Partial Partial
drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933.
662 CVE-2016-6691 172 DoS 2016-10-10 2016-12-06
7.5
None Remote Low Not required Partial Partial Partial
service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point that has a malformed SSID with GBK encoding, aka Qualcomm internal bug CR 978452.
663 CVE-2016-6690 284 DoS 2016-10-10 2016-12-06
7.1
None Remote Medium Not required None None Complete
The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of service (reboot) via a crafted application, aka internal bug 28838221.
664 CVE-2016-6689 200 +Info 2016-10-10 2017-09-02
4.3
None Remote Medium Not required Partial None None
Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347.
665 CVE-2016-6688 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080.
666 CVE-2016-6687 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222.
667 CVE-2016-6686 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101.
668 CVE-2016-6685 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
The kernel in Android before 2016-10-05 on Nexus 6P devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30402628.
669 CVE-2016-6684 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.
670 CVE-2016-6683 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283.
671 CVE-2016-6682 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 30152501 and Qualcomm internal bug CR 1049615.
672 CVE-2016-6681 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 30152182 and Qualcomm internal bug CR 1049521.
673 CVE-2016-6680 200 +Info 2016-10-10 2016-12-06
6.8
None Remote Medium Not required Partial Partial Partial
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an iw_set_priv ioctl call, aka Android internal bug 29982678 and Qualcomm internal bug CR 1048052.
674 CVE-2016-6679 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a setwpaie ioctl call, aka Android internal bug 29915601 and Qualcomm internal bug CR 1000913.
675 CVE-2016-6678 200 +Info 2016-10-10 2017-01-17
4.3
None Remote Medium Not required Partial None None
The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 29914434.
676 CVE-2016-6677 200 +Info 2016-10-10 2016-12-06
4.3
None Remote Medium Not required Partial None None
The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30259955.
677 CVE-2016-6676 119 DoS Overflow +Priv 2016-10-10 2016-12-06
9.3
None Remote Medium Not required Complete Complete Complete
Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a GET_CFG ioctl call, aka Android internal bug 30874066 and Qualcomm internal bug CR 1000853.
678 CVE-2016-6675 119 DoS Overflow +Priv 2016-10-10 2016-12-06
9.3
None Remote Medium Not required Complete Complete Complete
Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a linkspeed ioctl call, aka Android internal bug 30873776 and Qualcomm internal bug CR 1000861.
679 CVE-2016-6674 20 +Priv 2016-10-10 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380.
680 CVE-2016-6673 264 +Priv 2016-10-10 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201.
681 CVE-2016-6672 264 +Priv 2016-10-10 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088.
682 CVE-2016-6492 264 +Priv 2017-01-12 2017-01-18
9.3
None Remote Medium Not required Complete Complete Complete
The MT6573FDVT_SetRegHW function in camera_fdvt.c in the MediaTek driver for Linux allows local users to gain privileges via a crafted application that makes an MT6573FDVTIOC_T_SET_FDCONF_CMD IOCTL call.
683 CVE-2016-5872 20 2017-08-18 2017-08-21
10.0
None Remote Low Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.
684 CVE-2016-5871 190 Overflow 2017-08-18 2017-08-23
10.0
None Remote Low Not required Complete Complete Complete
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.
685 CVE-2016-5868 264 Exec Code 2017-09-25 2017-09-28
7.6
None Remote High Not required Complete Complete Complete
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process.
686 CVE-2016-5867 264 Overflow 2017-08-16 2017-08-20
7.6
None Remote High Not required Complete Complete Complete
In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.
687 CVE-2016-5864 264 Overflow 2017-08-16 2017-08-20
9.3
None Remote Medium Not required Complete Complete Complete
In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. In another function, a missing check for a lower bound may result in an out of bounds memory access.
688 CVE-2016-5863 264 2017-08-16 2017-08-20
9.3
None Remote Medium Not required Complete Complete Complete
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.
689 CVE-2016-5862 264 2017-08-16 2017-08-20
7.6
None Remote High Not required Complete Complete Complete
When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.
690 CVE-2016-5861 264 Overflow 2017-08-16 2017-08-20
8.3
None Local Network Low Not required Complete Complete Complete
In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.
691 CVE-2016-5860 264 Overflow 2017-08-16 2017-08-20
7.6
None Remote High Not required Complete Complete Complete
In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.
692 CVE-2016-5859 264 Overflow 2017-08-16 2017-08-18
7.6
None Remote High Not required Complete Complete Complete
In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.
693 CVE-2016-5858 200 +Info 2017-08-16 2017-08-18
2.6
None Remote High Not required Partial None None
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.
694 CVE-2016-5857 264 Exec Code 2017-03-20 2017-05-10
6.9
None Local Medium Not required Complete Complete Complete
The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140.
695 CVE-2016-5856 264 +Priv 2017-04-12 2017-04-19
7.6
None Remote High Not required Complete Complete Complete
Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.
696 CVE-2016-5855 200 +Info 2017-08-16 2017-08-18
2.6
None Remote High Not required Partial None None
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough.
697 CVE-2016-5854 200 +Info 2017-08-16 2017-08-18
2.6
None Remote High Not required Partial None None
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace.
698 CVE-2016-5853 264 Exec Code 2017-08-16 2017-09-28
7.6
None Remote High Not required Complete Complete Complete
In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value.
699 CVE-2016-5696 200 +Info 2016-08-06 2017-09-19
5.8
None Remote Medium Not required None Partial Partial
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
700 CVE-2016-5349 200 +Info 2017-04-06 2017-07-10
4.3
None Remote Medium Not required Partial None None
The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications inside Qualcomm Secure Execution Environment (QSEE) receive memory addresses from a high level operating system (HLOS) such as Linux Android, those address have previously been verified as belonging to HLOS memory space rather than QSEE memory space, but they were not verified to be from HLOS user space rather than kernel space. This lack of verification could lead to privilege escalation within the HLOS.
Total number of vulnerabilities : 884   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 (This Page)15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.