National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.2.2
There are 1,226 matching records.
Displaying matches 441 through 460.
Vuln ID Summary CVSS Severity
CVE-2016-3901

Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm internal bug CR 1046434.

Published: October 10, 2016; 06:59:08 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3860

sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127.

Published: October 10, 2016; 06:59:05 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2015-8956

The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.

Published: October 10, 2016; 06:59:04 AM -04:00
V3.0: 6.1 MEDIUM
    V2: 3.6 LOW
CVE-2015-8951

Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902.

Published: October 10, 2016; 06:59:02 AM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3894

The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29618014 and Qualcomm internal bug CR1042033.

Published: September 11, 2016; 05:59:38 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3893

The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29512527 and Qualcomm internal bug CR856400.

Published: September 11, 2016; 05:59:37 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3892

The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 and Qualcomm internal bug CR1024197.

Published: September 11, 2016; 05:59:36 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-3877

Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.

Published: September 11, 2016; 05:59:21 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-3874

CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WE_UNIT_TEST_CMD command, aka Android internal bug 29944562 and Qualcomm internal bug CR997797.

Published: September 11, 2016; 05:59:17 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3873

The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457.

Published: September 11, 2016; 05:59:16 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3869

The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bug RB#96070.

Published: September 11, 2016; 05:59:12 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3868

The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28967028 and Qualcomm internal bug CR1032875.

Published: September 11, 2016; 05:59:11 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3867

The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897.

Published: September 11, 2016; 05:59:10 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3866

The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820.

Published: September 11, 2016; 05:59:09 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3865

The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389.

Published: September 11, 2016; 05:59:07 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3864

The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117.

Published: September 11, 2016; 05:59:06 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3859

The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28815326 and Qualcomm internal bug CR1034641.

Published: September 11, 2016; 05:59:01 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3858

Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcomm subsystem driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application that provides a long string, aka Android internal bug 28675151 and Qualcomm internal bug CR1022641.

Published: September 11, 2016; 05:59:00 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-5344

Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size value, related to mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c.

Published: August 30, 2016; 01:59:03 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2016-5342

Heap-based buffer overflow in the wcnss_wlan_write function in drivers/net/wireless/wcnss/wcnss_wlan.c in the wcnss_wlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service or possibly have unspecified other impact by writing to /dev/wcnss_wlan with an unexpected amount of data.

Published: August 30, 2016; 01:59:02 PM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH