National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.2.2
There are 627 matching records.
Displaying matches 201 through 220.
Vuln ID Summary CVSS Severity
CVE-2016-3906

An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30445973. References: Qualcomm QC-CR#1054344.

Published: November 25, 2016; 11:59:01 AM -05:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3904

An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30311977. References: Qualcomm QC-CR#1050455.

Published: November 25, 2016; 11:59:00 AM -05:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-6696

sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130.

Published: October 10, 2016; 07:00:12 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-6695

sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal bug CR 1033540.

Published: October 10, 2016; 07:00:11 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-6694

sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033525.

Published: October 10, 2016; 07:00:10 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-6693

sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027585.

Published: October 10, 2016; 07:00:10 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-6692

drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933.

Published: October 10, 2016; 07:00:09 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-6691

service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point that has a malformed SSID with GBK encoding, aka Qualcomm internal bug CR 978452.

Published: October 10, 2016; 07:00:08 AM -04:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2016-6690

The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of service (reboot) via a crafted application, aka internal bug 28838221.

Published: October 10, 2016; 07:00:07 AM -04:00
V3: 5.5 MEDIUM
V2: 7.1 HIGH
CVE-2016-6689

Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347.

Published: October 10, 2016; 07:00:06 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6688

The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080.

Published: October 10, 2016; 07:00:05 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6687

The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222.

Published: October 10, 2016; 07:00:04 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6686

The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101.

Published: October 10, 2016; 07:00:03 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6685

The kernel in Android before 2016-10-05 on Nexus 6P devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30402628.

Published: October 10, 2016; 07:00:02 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6683

The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283.

Published: October 10, 2016; 07:00:00 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6682

drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 30152501 and Qualcomm internal bug CR 1049615.

Published: October 10, 2016; 06:59:59 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6681

drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 30152182 and Qualcomm internal bug CR 1049521.

Published: October 10, 2016; 06:59:58 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6680

CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an iw_set_priv ioctl call, aka Android internal bug 29982678 and Qualcomm internal bug CR 1048052.

Published: October 10, 2016; 06:59:57 AM -04:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-6679

CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a setwpaie ioctl call, aka Android internal bug 29915601 and Qualcomm internal bug CR 1000913.

Published: October 10, 2016; 06:59:56 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6678

The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 29914434.

Published: October 10, 2016; 06:59:55 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM