) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-0801 |
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029. Published: February 06, 2016; 8:59:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 8.3 HIGH |
| CVE-2015-6644 |
Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146. Published: January 06, 2016; 2:59:09 PM -0500 |
V3.0: 3.3 LOW V2.0: 4.3 MEDIUM |
| CVE-2015-6643 |
Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269. Published: January 06, 2016; 2:59:08 PM -0500 |
V3.0: 6.6 MEDIUM V2.0: 7.2 HIGH |
| CVE-2015-6642 |
The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24157888. Published: January 06, 2016; 2:59:07 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.8 HIGH |
| CVE-2015-6639 |
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875. Published: January 06, 2016; 2:59:04 PM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2015-6638 |
The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908. Published: January 06, 2016; 2:59:03 PM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2015-6637 |
The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013. Published: January 06, 2016; 2:59:02 PM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2015-6636 |
mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 25070493 and 24686670. Published: January 06, 2016; 2:59:01 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2015-5310 |
The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response. Published: January 06, 2016; 2:59:00 PM -0500 |
V3.0: 4.3 MEDIUM V2.0: 3.3 LOW |
| CVE-2014-9322 |
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. Published: December 17, 2014; 6:59:02 AM -0500 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |