Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 4.4.2  Security Vulnerabilities
CVE-2016-2470
The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27662174.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-06-13
CVE-2016-2469
The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992.
CVSS Score
7.8
EPSS Score
0.001
Published
2016-06-13
CVE-2016-2468
The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454.
CVSS Score
7.8
EPSS Score
0.004
Published
2016-06-13
CVE-2016-2467
The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-06-13
CVE-2016-2466
The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-06-13
CVE-2016-2465
The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-06-13
CVE-2016-2463
Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation, aka internal bug 27855419.
CVSS Score
8.4
EPSS Score
0.006
Published
2016-06-13
CVE-2016-1671
Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and \ (backslash) characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to net/base/escape.cc and net/base/filename_util.cc.
CVSS Score
8.1
EPSS Score
0.002
Published
2016-05-14
CVE-2016-2460
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27555981.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-05-09
CVE-2016-2459
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27556038.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-05-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved