National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:google:android:2.3.5
There are 627 matching records.
Displaying matches 241 through 260.
Vuln ID Summary CVSS Severity
CVE-2016-3923

The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115.

Published: October 10, 2016; 06:59:27 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3905

CORE/HDD/src/wlan_hdd_main.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application that sends a SENDACTIONFRAME command, aka Android internal bug 28061823 and Qualcomm internal bug CR 1001449.

Published: October 10, 2016; 06:59:11 AM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3903

drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29513227 and Qualcomm internal bug CR 1040857.

Published: October 10, 2016; 06:59:10 AM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3902

drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm internal bug CR 1044072.

Published: October 10, 2016; 06:59:09 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3901

Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm internal bug CR 1046434.

Published: October 10, 2016; 06:59:08 AM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3860

sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127.

Published: October 10, 2016; 06:59:05 AM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2015-8956

The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.

Published: October 10, 2016; 06:59:04 AM -04:00
V3: 6.1 MEDIUM
V2: 3.6 LOW
CVE-2015-8951

Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902.

Published: October 10, 2016; 06:59:02 AM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3894

The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29618014 and Qualcomm internal bug CR1042033.

Published: September 11, 2016; 05:59:38 PM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3893

The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29512527 and Qualcomm internal bug CR856400.

Published: September 11, 2016; 05:59:37 PM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3892

The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 and Qualcomm internal bug CR1024197.

Published: September 11, 2016; 05:59:36 PM -04:00
V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3877

Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.

Published: September 11, 2016; 05:59:21 PM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2016-3874

CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WE_UNIT_TEST_CMD command, aka Android internal bug 29944562 and Qualcomm internal bug CR997797.

Published: September 11, 2016; 05:59:17 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3873

The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457.

Published: September 11, 2016; 05:59:16 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3869

The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bug RB#96070.

Published: September 11, 2016; 05:59:12 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3868

The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28967028 and Qualcomm internal bug CR1032875.

Published: September 11, 2016; 05:59:11 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3867

The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897.

Published: September 11, 2016; 05:59:10 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3866

The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820.

Published: September 11, 2016; 05:59:09 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3865

The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389.

Published: September 11, 2016; 05:59:07 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2016-3864

The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117.

Published: September 11, 2016; 05:59:06 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH