National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.2.2
There are 1,218 matching records.
Displaying matches 541 through 560.
Vuln ID Summary CVSS Severity
CVE-2016-3796

The MediaTek power driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29008443 and MediaTek internal bug ALPS02677244.

Published: July 10, 2016; 10:00:20 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3795

The MediaTek power driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085222 and MediaTek internal bug ALPS02677244.

Published: July 10, 2016; 10:00:19 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3793

The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026625.

Published: July 10, 2016; 10:00:18 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3792

CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles userspace data copying, which allows attackers to gain privileges via a crafted application, aka Android internal bug 27725204 and Qualcomm internal bug CR561022.

Published: July 10, 2016; 10:00:17 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3775

The kernel filesystem implementation in Android before 2016-07-05 on Nexus 5X, Nexus 6, Nexus 6P, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28588279.

Published: July 10, 2016; 10:00:16 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3774

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008609 and MediaTek internal bug ALPS02703102.

Published: July 10, 2016; 10:00:15 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3773

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008363 and MediaTek internal bug ALPS02703102.

Published: July 10, 2016; 10:00:14 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3772

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008188 and MediaTek internal bug ALPS02703102.

Published: July 10, 2016; 10:00:13 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3771

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29007611 and MediaTek internal bug ALPS02703102.

Published: July 10, 2016; 10:00:12 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3770

The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28346752 and MediaTek internal bug ALPS02703102.

Published: July 10, 2016; 10:00:12 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3769

The NVIDIA video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28376656.

Published: July 10, 2016; 10:00:10 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3768

The Qualcomm performance component in Android before 2016-07-05 on Nexus 5, 6, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28172137 and Qualcomm internal bug CR1010644.

Published: July 10, 2016; 10:00:09 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-3767

The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28169363 and MediaTek internal bug ALPS02689526.

Published: July 10, 2016; 10:00:08 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-2505

mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28333006.

Published: July 10, 2016; 09:59:37 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-2503

The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067.

Published: July 10, 2016; 09:59:36 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-2502

drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a large size in a GSER_IOCTL ioctl call, aka Android internal bug 27657963 and Qualcomm internal bug CR997044.

Published: July 10, 2016; 09:59:35 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-2501

The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Qualcomm internal bug CR1001092.

Published: July 10, 2016; 09:59:34 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-2068

The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609.

Published: July 10, 2016; 09:59:33 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2016-2067

drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993.

Published: July 10, 2016; 09:59:32 PM -04:00
V3.0: 7.8 HIGH
    V2: 9.3 HIGH
CVE-2015-8893

app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to cause a denial of service (OS outage or buffer over-read) via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275.

Published: July 10, 2016; 09:59:31 PM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM