Filtered by vendor Google
Subscribe
Total
11977 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1501 | 4 Google, Mozilla, Oracle and 1 more | 6 Android, Firefox, Solaris and 3 more | 2016-11-17 | 5.8 MEDIUM | N/A |
| Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection. | |||||
| CVE-2014-1527 | 4 Fedoraproject, Google, Mozilla and 1 more | 4 Fedora, Android, Firefox and 1 more | 2016-11-17 | 5.0 MEDIUM | N/A |
| Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen. | |||||
| CVE-2014-1506 | 3 Google, Mozilla, Oracle | 3 Android, Firefox, Solaris | 2016-11-15 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments. | |||||
| CVE-2015-0800 | 2 Google, Mozilla | 2 Android, Firefox | 2016-10-04 | 5.0 MEDIUM | N/A |
| The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808. | |||||
| CVE-2016-2442 | 1 Google | 4 Android, Nexus 5x, Nexus 6 and 1 more | 2016-08-18 | 7.6 HIGH | 7.0 HIGH |
| The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907. | |||||
| CVE-2016-2441 | 1 Google | 4 Android, Nexus 5x, Nexus 6 and 1 more | 2016-08-16 | 7.6 HIGH | 7.0 HIGH |
| The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602. | |||||
| CVE-2015-3854 | 1 Google | 1 Android | 2016-08-10 | 5.0 MEDIUM | 7.5 HIGH |
| packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICE_POWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350. | |||||
| CVE-2016-3857 | 1 Google | 1 Android | 2016-08-10 | 9.3 HIGH | 7.8 HIGH |
| The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518. | |||||
| CVE-2016-3747 | 1 Google | 1 Android | 2016-07-14 | 10.0 HIGH | 7.8 HIGH |
| Use-after-free vulnerability in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27903498. | |||||
| CVE-2016-3771 | 1 Google | 1 Android | 2016-07-12 | 9.3 HIGH | 7.8 HIGH |
| The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29007611 and MediaTek internal bug ALPS02703102. | |||||
| CVE-2016-3795 | 1 Google | 1 Android | 2016-07-12 | 9.3 HIGH | 7.8 HIGH |
| The MediaTek power driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085222 and MediaTek internal bug ALPS02677244. | |||||
| CVE-2016-3797 | 1 Google | 1 Android | 2016-07-12 | 9.3 HIGH | 7.8 HIGH |
| The Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085680 and Qualcomm internal bug CR1001450. | |||||
| CVE-2016-3807 | 1 Google | 1 Android | 2016-07-12 | 9.3 HIGH | 7.8 HIGH |
| The serial peripheral interface driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28402196. | |||||
| CVE-2016-3809 | 1 Google | 1 Android | 2016-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522. | |||||
| CVE-2016-3812 | 1 Google | 1 Android | 2016-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832. | |||||
| CVE-2016-3805 | 1 Google | 1 Android | 2016-07-12 | 9.3 HIGH | 7.8 HIGH |
| The MediaTek power management driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28333002 and MediaTek internal bug ALPS02694412. | |||||
| CVE-2016-3810 | 1 Google | 1 Android | 2016-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28175522 and MediaTek internal bug ALPS02694389. | |||||
| CVE-2016-3799 | 1 Google | 1 Android | 2016-07-12 | 9.3 HIGH | 7.8 HIGH |
| The MediaTek video driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28175025 and MediaTek internal bug ALPS02693738. | |||||
| CVE-2016-3813 | 1 Google | 1 Android | 2016-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Qualcomm USB driver in Android before 2016-07-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28172322 and Qualcomm internal bug CR1010222. | |||||
| CVE-2016-3811 | 1 Google | 1 Android | 2016-07-12 | 9.3 HIGH | 7.8 HIGH |
| The kernel video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28447556. | |||||