| Max CVSS | 9.3 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-8937 | 6.8 |
drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 6, and 7 (2013) devices mishandles a socket process, which allows attackers to gain privileges via a crafted application, aka Android internal bug 2
|
28-11-2016 - 19:50 | 06-08-2016 - 10:59 | |
| CVE-2015-8943 | 6.8 |
drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, which allows attackers to gain privileges via a crafted
|
28-11-2016 - 19:50 | 06-08-2016 - 10:59 | |
| CVE-2015-8938 | 9.3 |
The MSM camera driver in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate input parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28804030 and Qualcomm i
|
28-11-2016 - 19:50 | 06-08-2016 - 10:59 | |
| CVE-2015-8942 | 9.3 |
drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain privileges via a crafted application, aka Android i
|
28-11-2016 - 19:50 | 06-08-2016 - 10:59 | |
| CVE-2015-8941 | 9.3 |
drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices does not properly validate array indexes, which allows attackers to gain privileges via a crafted appl
|
28-11-2016 - 19:50 | 06-08-2016 - 10:59 | |
| CVE-2015-8939 | 9.3 |
drivers/video/msm/mdp4_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate r stages, g stages, or b stages data, which allows attackers to gain privileges via a crafted application, aka Android i
|
28-11-2016 - 19:50 | 06-08-2016 - 10:59 | |
| CVE-2015-8940 | 9.3 |
Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28813987 and Qualcomm internal bug CR
|
28-11-2016 - 19:50 | 06-08-2016 - 10:59 | |
| CVE-2014-9863 | 9.3 |
Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9885 | 6.8 |
Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices allows attackers to gain privileges via a crafted application that provides format string specifiers in a name, ak
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9881 | 6.8 |
drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or cause a denial of service (buffer overflow) via a cra
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9874 | 6.8 |
Buffer overflow in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, related to arch/arm/mach-msm/qdsp6v2/audio_utils.c and sound/soc/msm/qdsp6
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9879 | 6.8 |
The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769221 and Qualcomm int
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9877 | 6.8 |
drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices mishandles a user-space pointer, which allows attackers to gain privileges via a crafted appli
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9891 | 9.3 |
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted application that makes an ioctl call, aka Android in
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9887 | 9.3 |
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain length values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 2880
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9870 | 9.3 |
The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted appl
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9867 | 9.3 |
drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate the number of streams, which allows attackers to gain privileges via a crafted appli
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9884 | 6.8 |
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain pointers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769920
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9890 | 9.3 |
Off-by-one error in drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application that sends an I2C comm
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9880 | 6.8 |
drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attackers to gain privileges via a crafted application,
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9864 | 9.3 |
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28747998 and Q
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9872 | 6.8 |
The diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not ensure unique identifiers in a DCI client table, which allows attackers to gain privileges via a crafted application, aka Android internal bug 2875015
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9875 | 6.8 |
drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application that sends short DCI request packets, aka Android internal bug 28767589 and Q
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9868 | 6.9 |
drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via an application that provides a crafted mask value, aka And
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9882 | 6.8 |
Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28769546 and Qualcomm intern
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9889 | 6.8 |
drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gain privileges via a crafted application, aka Android
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9883 | 6.8 |
Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android intern
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9878 | 6.8 |
drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9876 | 6.8 |
drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices mishandles certain integer values, which allows attackers to gain privileges via a crafted application, aka Android intern
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9866 | 9.3 |
drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows attackers to gain privileges via a crafted applica
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9888 | 7.2 |
arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9886 | 6.8 |
arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers to gain privileges via a crafted application, aka A
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9873 | 6.8 |
Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android inter
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9871 | 9.3 |
Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android int
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9869 | 9.3 |
drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain index values, which allows attackers to gain privileges via a crafted appl
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 | |
| CVE-2014-9865 | 9.3 |
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges via a crafted application, aka Android internal bug
|
28-11-2016 - 19:15 | 06-08-2016 - 10:59 |