Summary |
Description |
CVE |
Elevation of Privilege in Kernel Subsystem |
An elevation of privilege vulnerability in the kernel memory management subsystem could enable a local malicious application to execute arbitrary code within the context of a privileged process. |
CVE-2016-5195 |
Remote Code Execution Vulnerability in Android Runtime |
A remote code execution vulnerability in an Android runtime library could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. |
CVE-2016-6703 |
Elevation of Privilege Vulnerabilities in Mediaserver |
Elevation of privilege vulnerabilities in mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. |
CVE-2016-6704
CVE-2016-6705 |
Elevation of Privilege Vulnerability in System Server |
An elevation of privilege vulnerability in system server could enable a local malicious application to execute arbitrary code within the context of a privileged process. |
CVE-2016-6707 |
Information Disclosure Vulnerability in Conscrypt and BoringSSL |
An information disclosure vulnerability in Conscrypt and BoringSSL could enable a man-in-the middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. |
CVE-2016-6709 |
Information Disclosure Vulnerability in Download Manager |
An information disclosure vulnerability in the download manager could enable a local malicious application to bypass operating system protections that isolate application data from other applications. |
CVE-2016-6710 |
Denial of Service Vulnerabilities in Mediaserver |
Remote denial of service vulnerabilities in mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. |
CVE-2016-6711
CVE-2016-6712
CVE-2016-6713
CVE-2016-6714 |
Elevation of Privilege Vulnerability in Framework APIs |
An elevation of privilege vulnerability in the Framework APIs could allow a local malicious application to record audio without the user’s permission. |
CVE-2016-6715 |
Elevation of Privilege Vulnerability in Mediaserver |
An elevation of privilege vulnerability in mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. |
CVE-2016-6717 |
Elevation of Privilege Vulnerability in Bluetooth |
An elevation of privilege vulnerability in the Bluetooth component could enable a local malicious application to pair with any Bluetooth device without user consent. |
CVE-2016-6719 |
Information Disclosure Vulnerabilities in Mediaserver |
nformation disclosure vulnerabilities in mediaserver could enable a local malicious application to access data outside of its permission levels. |
CVE-2016-6720
CVE-2016-6721
CVE-2016-6722 |
Denial of Service Vulnerability in Proxy Auto Config |
A denial of service vulnerability in Proxy Auto Config could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. |
CVE-2016-6723 |
Denial of Service Vulnerability in Input Manager Service |
A denial of service vulnerability in the Input Manager Service could enable a local malicious application to cause the device to continually reboot. |
CVE-2016-6724 |
Remote Code Execution Vulnerability in Qualcomm GPS Subsystem |
A remote code execution vulnerability in the Qualcomm GPS subsystem could enable a remote attacker to execute arbitrary code within the context of the kernel. |
CVE-2016-6727 |
Remote Code Execution Vulnerability in Qualcomm Crypto Driver |
A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. |
CVE-2016-6725 |
Elevation of Privilege Vulnerability in Kernel ION Subsystem |
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-6728 |
Elevation of Privilege Vulnerability in Qualcomm Bootloader |
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-6729 |
Elevation of Privilege Vulnerability in Kernel Networking Subsystem |
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-6828 |
Elevation of Privilege Vulnerability in Kernel Sound Subsystem |
An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-2184 |
Elevation of Privilege Vulnerabilities in Kernel File System |
Elevation of privilege vulnerabilities in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-7910
CVE-2016-7911
CVE-2015-8961 |
Elevation of Privilege Vulnerability in Kernel SCSI Driver |
An elevation of privilege vulnerability in the kernel SCSI driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2015-8962 |
Elevation of Privilege Vulnerability in Kernel USB Driver |
An elevation of privilege vulnerability in the kernel USB driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-7912 |
Elevation of Privilege Vulnerability in Kernel ION Subsystem |
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel |
CVE-2016-6737 |
Remote Code Execution Vulnerabilities in Expat |
Multiple vulnerabilities exist in the Expat library, the most severe of which is an elevation of privilege vulnerability in the Expat XML parser, which could enable an attacker using a specially crafted file to execute arbitrary code in an unprivileged process. |
CVE-2016-0718
CVE-2012-6702
CVE-2016-5300
CVE-2015-1283 |
Remote Code Execution Vulnerability in Freetype |
A remote code execution vulnerability in Freetype could enable a local malicious application to load a specially crafted font to cause memory corruption in an unprivileged process. |
CVE-2014-9675 |
Elevation of Privilege Vulnerability in Kernel System-call Auditing Subsystem |
An elevation of privilege vulnerability in the kernel system-call auditing subsystem could enable a local malicious application to disrupt system-call auditing in the kernel. |
CVE-2016-6136 |
Elevation of Privilege Vulnerability in Qualcomm Crypto Engine Driver |
An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-6738 |
Elevation of Privilege Vulnerabilities in Qualcomm Camera Driver |
Elevation of privilege vulnerabilities in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel |
CVE-2016-6739
CVE-2016-6740
CVE-2016-6741 |
Elevation of Privilege Vulnerability in Qualcomm Bus Driver |
An elevation of privilege vulnerability in the Qualcomm bus driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-3904 |
Elevation of Privilege Vulnerabilities in Synaptics Touchscreen Driver |
Elevation of privilege vulnerabilities in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2016-6742
CVE-2016-6743
CVE-2016-6744
CVE-2016-6745 |
Elevation of Privilege Vulnerability in Kernel Performance Subsystem |
An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. |
CVE-2015-8963 |
Information Disclosure Vulnerabilities in Kernel Components |
Information disclosure vulnerabilities in kernel components including the human interface device driver, file system, and Teletype driver, could enable a local malicious application to access data outside of its permission levels. |
CVE-2016-7914
CVE-2015-8964
CVE-2016-7915
CVE-2016-7916 |
Information Disclosure Vulnerabilities in Qualcomm Components |
Information disclosure vulnerabilities in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver could enable a local malicious application to access data outside of its permission levels. |
CVE-2016-6748
CVE-2016-6749
CVE-2016-6750
CVE-2016-3906
CVE-2016-3907
CVE-2016-6698
CVE-2016-6751
CVE-2016-6752 |
Information Disclosure Vulnerabilities in Kernel Components |
Information disclosure vulnerabilities in kernel components, including the process-grouping subsystem and the networking subsystem, could enable a local malicious application to access data outside of its permission levels. |
CVE-2016-6753
CVE-2016-7917 |