National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.2.2
There are 1,221 matching records.
Displaying matches 261 through 280.
Vuln ID Summary CVSS Severity
CVE-2017-0604

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589.

Published: May 12, 2017; 11:29:01 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-0465

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2016-10282

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2016-10281

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175647. References: M-ALPS02696475.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2016-10280

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175767. References: M-ALPS02696445.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2016-10276

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32952839. References: QC-CR#1094105.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-10275

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-34514954. References: QC-CR#1009111.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-10274

An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901.

Published: May 12, 2017; 11:29:00 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2017-0331

An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. References: N-CVE-2017-0331.

Published: May 02, 2017; 05:59:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2015-9004

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

Published: May 02, 2017; 05:59:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2014-9940

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

Published: May 02, 2017; 05:59:00 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2016-2433

The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.

Published: April 21, 2017; 04:59:00 PM -04:00
V3.0: 8.8 HIGH
    V2: 8.3 HIGH
CVE-2016-6727

The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code.

Published: April 17, 2017; 12:59:00 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-6726

Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices.

Published: April 17, 2017; 12:59:00 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-1155

HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.

Published: April 13, 2017; 01:59:00 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2014-7920

mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.

Published: April 13, 2017; 12:59:00 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-5856

Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.

Published: April 12, 2017; 06:59:00 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0578

An elevation of privilege vulnerability in the DTS sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33964406.

Published: April 07, 2017; 06:59:01 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0566

An elevation of privilege vulnerability in the MediaTek camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28470975. References: M-ALPS02696367.

Published: April 07, 2017; 06:59:01 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH
CVE-2017-0565

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175904. References: M-ALPS02696516.

Published: April 07, 2017; 06:59:01 PM -04:00
V3.0: 7.0 HIGH
    V2: 7.6 HIGH