Max CVSS | 10.0 | Min CVSS | 9.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-9789 | 9.3 |
The (1) alloc and (2) free APIs in arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices do not validate parameters, which allows attackers to gain privileges via a crafted application, a
|
09-04-2019 - 17:06 | 11-07-2016 - 01:59 | |
CVE-2015-8891 | 9.3 |
Multiple integer overflows in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to bypass intended access restrictions via a crafted image, aka Android internal bug 28842418 and
|
28-11-2016 - 19:50 | 11-07-2016 - 01:59 | |
CVE-2015-8888 | 9.3 |
Integer overflow in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to bypass intended access restrictions via a crafted block count and block size of a sparse header, aka Android internal
|
28-11-2016 - 19:50 | 11-07-2016 - 01:59 | |
CVE-2015-8892 | 9.3 |
platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qual
|
28-11-2016 - 19:50 | 11-07-2016 - 01:59 | |
CVE-2015-8890 | 9.3 |
platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions vi
|
28-11-2016 - 19:50 | 11-07-2016 - 01:59 | |
CVE-2015-8889 | 9.3 |
The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices omits the recovery PIN feature, which has unspecified impact and attack vectors, aka Android internal bug 28822677 and Qualcomm internal bug CR804067
|
28-11-2016 - 19:50 | 11-07-2016 - 01:59 | |
CVE-2014-9801 | 9.3 |
Multiple integer overflows in lib/libfdt/fdt_rw.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28822060 and Qualcomm internal bug CR7
|
28-11-2016 - 19:15 | 11-07-2016 - 01:59 | |
CVE-2014-9800 | 9.3 |
Integer overflow in lib/heap/heap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28822150 and Qualcomm internal bug CR6
|
28-11-2016 - 19:15 | 11-07-2016 - 01:59 | |
CVE-2014-9802 | 9.3 |
Multiple integer overflows in lib/libfdt/fdt.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28821965 and Qualcomm intern
|
28-11-2016 - 19:15 | 11-07-2016 - 01:59 | |
CVE-2014-9793 | 9.3 |
platform/msm_shared/mmc.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles the power-on write-protect feature, which allows attackers to gain privileges via a crafted application, aka Android internal bug 2
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9785 | 9.3 |
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate addresses before copying data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9786 | 9.3 |
Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, a
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9780 | 9.3 |
drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain privileges via a crafted application, aka Android inte
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9788 | 9.3 |
Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR5488
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9784 | 9.3 |
Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28442449 and
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9796 | 9.3 |
app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the page size in the kernel header, which allows attackers to bypass intended access restrictions via a crafted boot image, ak
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9779 | 9.3 |
arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted offset, aka Android internal bug 28598347 and Qualc
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9781 | 9.3 |
Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28410333 and Qualcomm internal bug CR5
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9777 | 9.3 |
The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileg
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9778 | 9.3 |
The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privi
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9792 | 9.3 |
arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices uses an incorrect integer data type, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769399 and
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9790 | 9.3 |
drivers/mmc/core/debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate pointers used in read and write operations, which allows attackers to gain privileges via a crafted application, aka
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9782 | 9.3 |
drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate direction and step parameters, which allows attackers to gain privileges via
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9799 | 9.3 |
The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compi
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9795 | 10.0 |
app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9787 | 9.3 |
Integer overflow in drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28571496 and Qualcomm internal bug CR
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 | |
CVE-2014-9783 | 9.3 |
drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to gain privileges via a crafted application, aka And
|
28-11-2016 - 19:14 | 11-07-2016 - 01:59 |