Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 15355 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-9005 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
CVE-2015-9004 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 9.3 HIGH 7.8 HIGH
kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.
CVE-2015-9003 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2015-9002 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVE-2015-9001 1 Google 1 Android 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2015-9000 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
CVE-2015-8999 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.
CVE-2015-8998 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2015-8997 1 Google 1 Android 2026-06-17 7.6 HIGH 7.0 HIGH
In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routine in all Android releases from CAF using the Linux kernel.
CVE-2015-8996 1 Google 1 Android 2026-06-17 7.6 HIGH 7.0 HIGH
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.
CVE-2015-8995 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2015-8967 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 9.3 HIGH 7.8 HIGH
arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access.
CVE-2015-8960 7 Apple, Google, Ietf and 4 more 18 Safari, Chrome, Transport Layer Security and 15 more 2026-06-17 6.8 MEDIUM 8.1 HIGH
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
CVE-2015-8956 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 3.6 LOW 6.1 MEDIUM
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.
CVE-2015-8955 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 6.9 MEDIUM 7.3 HIGH
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.
CVE-2015-8951 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902.
CVE-2015-8944 2 Google, Linux 2 Android, Linux Kernel 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka Android internal bug 28814213 and Qualcomm internal bug CR786116. NOTE: the permissions may be intentional in most non-Android contexts.
CVE-2015-8943 1 Google 1 Android 2026-06-17 6.8 MEDIUM 7.8 HIGH
drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28815158 and Qualcomm internal bugs CR794217 and CR836226.
CVE-2015-8942 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28814652 and Qualcomm internal bug CR803246.
CVE-2015-8941 1 Google 1 Android 2026-06-17 9.3 HIGH 7.8 HIGH
drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices does not properly validate array indexes, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28814502 and Qualcomm internal bug CR792473.