Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 15289 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-11030 1 Google 1 Android 2026-06-17 6.8 MEDIUM 8.1 HIGH
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (with Hrm sensor support) software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341 (December 2016).
CVE-2016-11029 1 Google 1 Android 2026-06-17 5.0 MEDIUM 7.5 HIGH
An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. Attackers can read the password of the Mobile Hotspot in the log because of an unprotected intent. The Samsung ID is SVE-2016-7301 (December 2016).
CVE-2016-11028 2 Google, Samsung 2 Android, Exynos 2026-06-17 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are SVE-2016-7173 and SVE-2016-7174 (December 2016).
CVE-2016-11027 1 Google 1 Android 2026-06-17 2.1 LOW 2.4 LOW
An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016-7132 (December 2016).
CVE-2016-11026 1 Google 1 Android 2026-06-17 7.8 HIGH 7.5 HIGH
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. BootReceiver allows attackers to trigger a system crash because of incorrect exception handling. The Samsung ID is SVE-2016-7118 (December 2016).
CVE-2016-11025 1 Google 1 Android 2026-06-17 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a memcpy heap-based buffer overflow in the OTP service. The Samsung ID is SVE-2016-7114 (December 2016).
CVE-2016-10403 1 Google 1 Chrome 2026-06-17 6.8 MEDIUM 8.8 HIGH
Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
CVE-2016-10398 1 Google 1 Android 2026-06-17 7.2 HIGH 6.2 MEDIUM
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens (AuthTokens) used by the Trusted Execution Environment (TEE) are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE without authenticating. All apps using authentication-gated cryptography are vulnerable to this attack, which was confirmed on the LG Nexus 5X.
CVE-2016-10393 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. The following buffer operations will overflow the allocated buffer.
CVE-2016-10392 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory.
CVE-2016-10391 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
CVE-2016-10390 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.
CVE-2016-10389 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.
CVE-2016-10388 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.
CVE-2016-10387 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario.
CVE-2016-10386 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
CVE-2016-10385 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS.
CVE-2016-10384 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.
CVE-2016-10383 1 Google 1 Android 2026-06-17 9.3 HIGH 8.1 HIGH
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI.
CVE-2016-10382 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient.