Filtered by vendor Google
Subscriptions
Total
13909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-3801 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The MediaTek GPS driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28174914 and MediaTek internal bug ALPS02688853. | ||||
| CVE-2016-3803 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The kernel filesystem implementation in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28588434. | ||||
| CVE-2016-3811 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The kernel video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28447556. | ||||
| CVE-2016-3819 | 1 Google | 1 Android | 2025-04-12 | N/A |
| Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28533562. | ||||
| CVE-2016-5146 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2016-3824 | 1 Google | 1 Android | 2025-04-12 | N/A |
| omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the buffer port, which allows attackers to gain privileges via a crafted application, aka internal bug 28816827. | ||||
| CVE-2016-3834 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The camera APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allow attackers to bypass intended access restrictions and obtain sensitive information about ANW buffer addresses via a crafted application, aka internal bug 28466701. | ||||
| CVE-2016-3836 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application, related to lack of a default constructor in include/ui/FrameStats.h, aka internal bug 28592402. | ||||
| CVE-2016-3844 | 1 Google | 1 Android | 2025-04-12 | N/A |
| mediaserver in Android before 2016-08-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28299517. | ||||
| CVE-2016-3852 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29141147 and MediaTek internal bug ALPS02751738. | ||||
| CVE-2016-3854 | 1 Google | 1 Android | 2025-04-12 | N/A |
| drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326. | ||||
| CVE-2016-4230 | 6 Adobe, Apple, Google and 3 more | 9 Flash Player, Flash Player Desktop Runtime, Mac Os X and 6 more | 2025-04-12 | 8.8 High |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248. | ||||
| CVE-2016-3860 | 1 Google | 1 Android | 2025-04-12 | N/A |
| sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127. | ||||
| CVE-2016-4121 | 6 Adobe, Apple, Google and 3 more | 14 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 11 more | 2025-04-12 | 9.8 Critical |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110. | ||||
| CVE-2016-3874 | 1 Google | 1 Android | 2025-04-12 | N/A |
| CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WE_UNIT_TEST_CMD command, aka Android internal bug 29944562 and Qualcomm internal bug CR997797. | ||||
| CVE-2016-4286 | 6 Adobe, Apple, Google and 3 more | 12 Flash Player, Flash Player Desktop Runtime, Mac Os X and 9 more | 2025-04-12 | N/A |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2016-3882 | 1 Google | 1 Android | 2025-04-12 | N/A |
| Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group or (2) Venue Type value, aka internal bug 29464811. | ||||
| CVE-2016-6910 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. The vulnerable system app gives a non-existent app the ability to read the notifications from the device, which a third-party app can utilize if it uses a package name of com.samsung.android.app.portalservicewidget. This vulnerability allows an unprivileged third-party app to obtain the text of the user's notifications, which tend to contain personal data. | ||||
| CVE-2016-3893 | 1 Google | 1 Android | 2025-04-12 | N/A |
| The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29512527 and Qualcomm internal bug CR856400. | ||||
| CVE-2016-3902 | 1 Google | 1 Android | 2025-04-12 | N/A |
| drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm internal bug CR 1044072. | ||||