National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.2.2
There are 1,218 matching records.
Displaying matches 421 through 440.
Vuln ID Summary CVSS Severity
CVE-2016-3933

mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408.

Published: October 10, 2016; 06:59:37 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3932

mediaserver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 29161895 and MediaTek internal bug ALPS02770870.

Published: October 10, 2016; 06:59:36 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3931

drivers/misc/qseecom.c in the Qualcomm QSEE Communicator driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29157595 and Qualcomm internal bug CR 1036418.

Published: October 10, 2016; 06:59:35 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3930

The NVIDIA MMC test driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28760138.

Published: October 10, 2016; 06:59:34 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3929

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823675.

Published: October 10, 2016; 06:59:33 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-3928

The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384.

Published: October 10, 2016; 06:59:32 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3927

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244.

Published: October 10, 2016; 06:59:31 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-3926

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953.

Published: October 10, 2016; 06:59:30 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-3923

The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115.

Published: October 10, 2016; 06:59:27 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3905

CORE/HDD/src/wlan_hdd_main.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application that sends a SENDACTIONFRAME command, aka Android internal bug 28061823 and Qualcomm internal bug CR 1001449.

Published: October 10, 2016; 06:59:11 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3903

drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29513227 and Qualcomm internal bug CR 1040857.

Published: October 10, 2016; 06:59:10 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3902

drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm internal bug CR 1044072.

Published: October 10, 2016; 06:59:09 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3901

Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm internal bug CR 1046434.

Published: October 10, 2016; 06:59:08 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3860

sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127.

Published: October 10, 2016; 06:59:05 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-8956

The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.

Published: October 10, 2016; 06:59:04 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 3.6 LOW
CVE-2015-8951

Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902.

Published: October 10, 2016; 06:59:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3894

The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29618014 and Qualcomm internal bug CR1042033.

Published: September 11, 2016; 05:59:38 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3893

The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29512527 and Qualcomm internal bug CR856400.

Published: September 11, 2016; 05:59:37 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3892

The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 and Qualcomm internal bug CR1024197.

Published: September 11, 2016; 05:59:36 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3877

Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.

Published: September 11, 2016; 05:59:21 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH