National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.3.5
There are 629 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2016-6740

An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30143904. References: Qualcomm QC-CR#1056307.

Published: November 25, 2016; 11:59:43 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6739

An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30074605. References: Qualcomm QC-CR#1049826.

Published: November 25, 2016; 11:59:42 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6738

An elevation of privilege vulnerability in the Qualcomm crypto engine driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30034511. References: Qualcomm QC-CR#1050538.

Published: November 25, 2016; 11:59:41 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6737

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30928456.

Published: November 25, 2016; 11:59:40 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6736

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30953284. References: NVIDIA N-CVE-2016-6736.

Published: November 25, 2016; 11:59:38 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6735

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30907701. References: NVIDIA N-CVE-2016-6735.

Published: November 25, 2016; 11:59:37 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6734

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30907120. References: NVIDIA N-CVE-2016-6734.

Published: November 25, 2016; 11:59:36 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6733

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906694. References: NVIDIA N-CVE-2016-6733.

Published: November 25, 2016; 11:59:35 AM -05:00
V3: 7.3 HIGH
V2: 9.3 HIGH
CVE-2016-6732

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906599. References: NVIDIA N-CVE-2016-6732.

Published: November 25, 2016; 11:59:34 AM -05:00
V3: 7.3 HIGH
V2: 9.3 HIGH
CVE-2016-6731

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906023. References: NVIDIA N-CVE-2016-6731.

Published: November 25, 2016; 11:59:33 AM -05:00
V3: 7.3 HIGH
V2: 9.3 HIGH
CVE-2016-6730

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30904789. References: NVIDIA N-CVE-2016-6730.

Published: November 25, 2016; 11:59:31 AM -05:00
V3: 7.3 HIGH
V2: 9.3 HIGH
CVE-2016-6729

An elevation of privilege vulnerability in the Qualcomm bootloader in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30977990. References: Qualcomm QC-CR#977684.

Published: November 25, 2016; 11:59:30 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6728

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30400942.

Published: November 25, 2016; 11:59:30 AM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-6725

A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Android ID: A-30515053. References: Qualcomm QC-CR#1050970.

Published: November 25, 2016; 11:59:29 AM -05:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2016-6718

An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-30455516.

Published: November 25, 2016; 11:59:23 AM -05:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6716

An elevation of privilege vulnerability in the AOSP Launcher in Android 7.0 before 2016-11-01 could allow a local malicious application to create shortcuts that have elevated privileges without the user's consent. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission). Android ID: A-30778130.

Published: November 25, 2016; 11:59:20 AM -05:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6710

An information disclosure vulnerability in the download manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not have access to. Android ID: A-30537115.

Published: November 25, 2016; 11:59:16 AM -05:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-6708

An elevation of privilege in the System UI in Android 7.0 before 2016-11-01 could enable a local malicious user to bypass the security prompt of your work profile in Multi-Window mode. This issue is rated as High because it is a local bypass of user interaction requirements for any developer or security setting modifications. Android ID: A-30693465.

Published: November 25, 2016; 11:59:13 AM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2016-6703

A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246.

Published: November 25, 2016; 11:59:09 AM -05:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2016-6701

A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of the gallery process. Android ID: A-30190637.

Published: November 25, 2016; 11:59:06 AM -05:00
V3: 7.8 HIGH
V2: 6.8 MEDIUM