Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 15289 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-10282 1 Google 1 Android 2026-06-17 7.6 HIGH 7.0 HIGH
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-33939045. References: M-ALPS03149189.
CVE-2016-10281 1 Google 1 Android 2026-06-17 7.6 HIGH 7.0 HIGH
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175647. References: M-ALPS02696475.
CVE-2016-10280 1 Google 1 Android 2026-06-17 7.6 HIGH 7.0 HIGH
An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175767. References: M-ALPS02696445.
CVE-2016-10276 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32952839. References: QC-CR#1094105.
CVE-2016-10275 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-34514954. References: QC-CR#1009111.
CVE-2016-10274 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901.
CVE-2016-10242 1 Google 1 Android 2026-06-17 7.6 HIGH 7.0 HIGH
A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel.
CVE-2016-10239 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur.
CVE-2016-10238 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue.
CVE-2016-10237 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory.
CVE-2016-10236 1 Google 1 Android 2026-06-17 4.3 MEDIUM 3.3 LOW
An information disclosure vulnerability in the Qualcomm USB driver. Product: Android. Versions: Android kernel. Android ID: A-33280689. References: QC-CR#1102418.
CVE-2016-10235 1 Google 1 Android 2026-06-17 5.0 MEDIUM 7.5 HIGH
A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409.
CVE-2016-10234 1 Google 1 Android 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
An information disclosure vulnerability in the Qualcomm IPA driver. Product: Android. Versions: Android kernel. Android ID: A-34390017. References: QC-CR#1069060.
CVE-2016-10233 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34389926. References: QC-CR#897452.
CVE-2016-10232 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34386696. References: QC-CR#1024872.
CVE-2016-10231 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
An elevation of privilege vulnerability in the Qualcomm sound codec driver. Product: Android. Versions: Android kernel. Android ID: A-33966912. References: QC-CR#1096799.
CVE-2016-10230 1 Google 1 Android 2026-06-17 10.0 HIGH 9.8 CRITICAL
A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR#1091408.
CVE-2016-10229 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 10.0 HIGH 9.8 CRITICAL
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.
CVE-2016-10200 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 6.9 MEDIUM 7.0 HIGH
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.
CVE-2016-10044 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 7.2 HIGH 7.8 HIGH
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.