Vulnerabilites related to google - nexus_9
CVE-2016-2444 (GCVE-0-2016-2444)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:32
Severity ?
EPSS score ?
Summary
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:32:20.075Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-05-09T06:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2444", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2444", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:32:20.075Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-6684 (GCVE-0-2016-6684)
Vulnerability from cvelistv5
Published
2016-10-10 10:00
Modified
2024-08-06 01:36
Severity ?
EPSS score ?
Summary
The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-10-01.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/93326 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:36:29.640Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { name: "93326", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/93326", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-10-05T00:00:00", descriptions: [ { lang: "en", value: "The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T19:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { name: "93326", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/93326", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-6684", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-10-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { name: "93326", refsource: "BID", url: "http://www.securityfocus.com/bid/93326", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-6684", datePublished: "2016-10-10T10:00:00", dateReserved: "2016-08-11T00:00:00", dateUpdated: "2024-08-06T01:36:29.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2436 (GCVE-0-2016-2436)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:24:49.378Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-05-09T06:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2436", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2436", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:24:49.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2445 (GCVE-0-2016-2445)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:32
Severity ?
EPSS score ?
Summary
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:32:20.091Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-05-09T06:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2445", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2445", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:32:20.091Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-12762 (GCVE-0-2019-12762)
Vulnerability from cvelistv5
Published
2019-06-06 19:45
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.
References
| ▼ | URL | Tags |
|---|---|---|
| https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607 | x_refsource_MISC | |
| https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:32:54.710Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-06T19:45:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607", }, { tags: [ "x_refsource_MISC", ], url: "https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-12762", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://medium.com/@juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607", refsource: "MISC", url: "https://medium.com/@juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607", }, { name: "https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/", refsource: "MISC", url: "https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-12762", datePublished: "2019-06-06T19:45:22", dateReserved: "2019-06-06T00:00:00", dateUpdated: "2024-08-04T23:32:54.710Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2437 (GCVE-0-2016-2437)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:24:49.362Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-05-09T06:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2437", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2437", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:24:49.362Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2435 (GCVE-0-2016-2435)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:24:49.352Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-05-09T06:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2435", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2435", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:24:49.352Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2446 (GCVE-0-2016-2446)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:32
Severity ?
EPSS score ?
Summary
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036763 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:32:20.407Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { name: "1036763", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036763", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-12T09:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { name: "1036763", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036763", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2446", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { name: "1036763", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036763", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2446", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:32:20.407Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-6915 (GCVE-0-2016-6915)
Vulnerability from cvelistv5
Published
2017-04-24 20:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
| ▼ | URL | Tags |
|---|---|---|
| https://source.android.com/security/bulletin/2016-12-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94667 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:43:38.621Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94667", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-12-05T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-18T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94667", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-6915", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://source.android.com/security/bulletin/2016-12-01", refsource: "CONFIRM", url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", refsource: "BID", url: "http://www.securityfocus.com/bid/94667", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-6915", datePublished: "2017-04-24T20:00:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:43:38.621Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2459 (GCVE-0-2016-2459)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:32
Severity ?
EPSS score ?
Summary
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27556038.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM | |
| https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:32:20.151Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27556038.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-05-09T06:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2459", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27556038.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { name: "https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73", refsource: "CONFIRM", url: "https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2459", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:32:20.151Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-6917 (GCVE-0-2016-6917)
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in | x_refsource_CONFIRM | |
| https://source.android.com/security/bulletin/2016-12-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94667 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:43:38.618Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94667", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-12-05T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-18T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94667", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-6917", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { name: "https://source.android.com/security/bulletin/2016-12-01", refsource: "CONFIRM", url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", refsource: "BID", url: "http://www.securityfocus.com/bid/94667", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-6917", datePublished: "2017-04-24T19:00:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:43:38.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-6916 (GCVE-0-2016-6916)
Vulnerability from cvelistv5
Published
2017-04-24 19:00
Modified
2024-08-06 01:43
Severity ?
EPSS score ?
Summary
Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in | x_refsource_CONFIRM | |
| https://source.android.com/security/bulletin/2016-12-01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/94667 | vdb-entry, x_refsource_BID | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:43:38.435Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94667", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-12-05T00:00:00", descriptions: [ { lang: "en", value: "Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-18T17:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94667", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-6916", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", refsource: "CONFIRM", url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { name: "https://source.android.com/security/bulletin/2016-12-01", refsource: "CONFIRM", url: "https://source.android.com/security/bulletin/2016-12-01", }, { name: "94667", refsource: "BID", url: "http://www.securityfocus.com/bid/94667", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-6916", datePublished: "2017-04-24T19:00:00", dateReserved: "2016-08-23T00:00:00", dateUpdated: "2024-08-06T01:43:38.435Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-2434 (GCVE-0-2016-2434)
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.
References
| ▼ | URL | Tags |
|---|---|---|
| http://source.android.com/security/bulletin/2016-05-01.html | x_refsource_CONFIRM | |
| http://nvidia.custhelp.com/app/answers/detail/a_id/4561 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:24:49.358Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-05-02T00:00:00", descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-10-18T17:57:01", orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", shortName: "google_android", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@android.com", ID: "CVE-2016-2434", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://source.android.com/security/bulletin/2016-05-01.html", refsource: "CONFIRM", url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { name: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", refsource: "CONFIRM", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", assignerShortName: "google_android", cveId: "CVE-2016-2434", datePublished: "2016-05-09T10:00:00", dateReserved: "2016-02-18T00:00:00", dateUpdated: "2024-08-05T23:24:49.358Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | shield_tablet_firmware | * | |
| nvidia | shield_tablet | - | |
| nvidia | shield_tablet_tk1_firmware | * | |
| nvidia | shield_tablet_tk1 | - | |
| nvidia | shield_tv_firmware | * | |
| nvidia | shield_tv | - | |
| nvidia | video_driver | - | |
| nexus_9 | - | ||
| pixel_c | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0750A91D-C568-49C4-86E0-D9DA075BA33D", versionEndIncluding: "4.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*", matchCriteriaId: "A28C0ED3-654C-4783-B8A0-67D7C3D1FE9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D103EA4F-A03D-487F-8686-838078B78199", versionEndIncluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*", matchCriteriaId: "845E4A71-7181-4AB6-9ADF-43ABC6C9A785", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D495631-CFF4-46B5-AAAE-3E51717C1337", versionEndIncluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*", matchCriteriaId: "C162AD10-3322-4317-B808-B6B517576F66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, { criteria: "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*", matchCriteriaId: "9526852E-8BF4-42AA-A9BC-84FEC564B871", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow.", }, { lang: "es", value: "Desbordamiento de entero en nvhost_job.c en el video driver NVIDIA para Android, Shield TV en versiones anteriores a OTA 3.3, Shield Table en versiones anteriores a OTA 4.4, y Shield Table TK1 en versiones anteriores a OTA 1.5 permite usuarios locales provocar una denegación de servicio (caída del sistema) a través de vectores no especificados, lo que desencadena desbordamiento de búfer.", }, ], id: "CVE-2016-6916", lastModified: "2024-11-21T02:57:05.740", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-24T19:59:00.427", references: [ { source: "cve@mitre.org", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94667", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94667", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", matchCriteriaId: "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.", }, { lang: "es", value: "El controlador de vídeo NVIDIA en Android en versiones anteriores a 2016-05-01 sobre dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27297988.", }, ], id: "CVE-2016-2435", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:11.987", references: [ { source: "security@android.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", matchCriteriaId: "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.", }, { lang: "es", value: "El controlador de vídeo NVIDIA en Android en versiones anteriores a 2016-05-01 sobre dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27251090.", }, ], id: "CVE-2016-2434", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:10.487", references: [ { source: "security@android.com", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "security@android.com", tags: [ "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27556038.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | 4.0 | ||
| android | 4.0.1 | ||
| android | 4.0.2 | ||
| android | 4.0.3 | ||
| android | 4.0.4 | ||
| android | 4.1 | ||
| android | 4.1.1 | ||
| android | 4.1.2 | ||
| android | 4.2 | ||
| android | 4.2.1 | ||
| android | 4.2.2 | ||
| android | 4.3 | ||
| android | 4.3.1 | ||
| android | 4.4 | ||
| android | 4.4.1 | ||
| android | 4.4.2 | ||
| android | 4.4.3 | ||
| android | 5.0 | ||
| android | 5.0.1 | ||
| android | 5.1 | ||
| android | 6.0 | ||
| android | 6.0.1 | ||
| android_one | - | ||
| nexus_5 | - | ||
| nexus_5x | - | ||
| nexus_6 | - | ||
| nexus_6p | - | ||
| nexus_7_\(2013\) | - | ||
| nexus_9 | - | ||
| nexus_player | - | ||
| pixel_c | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", matchCriteriaId: "A39C31E3-75C0-4E92-A6B5-7D67B22E3449", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BB318EA4-2908-4B91-8DBB-20008FDF528A", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", matchCriteriaId: "1F4E46A9-B652-47CE-92E8-01021E57724B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", matchCriteriaId: "36DD8E3F-6308-4680-B932-4CBD8E58A7FB", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", matchCriteriaId: "1DA9F0F7-D592-481E-884C-B1A94E702825", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "E1BBFD29-6A53-4B1E-9611-680442CD04EB", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", matchCriteriaId: "6CD857E7-B878-49F9-BDDA-93DDEBB0B42B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", matchCriteriaId: "FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A47AB858-36DE-4330-8CAC-1B46C5C8DA80", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", matchCriteriaId: "49413FF7-7910-4F74-B106-C3170612CB2A", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", matchCriteriaId: "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "A8882E50-7C49-4A99-91F2-DF979CF8BB2F", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", matchCriteriaId: "98C32982-095C-4628-9958-118A3D3A9CAA", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", matchCriteriaId: "FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", matchCriteriaId: "7C4E6353-B77A-464F-B7DE-932704003B33", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "77125688-2CCA-4990-ABB2-551D47CB0CDD", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", matchCriteriaId: "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E70C6D8D-C9C3-4D92-8DFC-71F59E068295", vulnerable: true, }, { criteria: "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "691FA41B-C2CE-413F-ABB1-0B22CB322807", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:google:android_one:-:*:*:*:*:*:*:*", matchCriteriaId: "50A96E21-4545-41AD-9FDB-E6F2B59F2DEF", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_5:-:*:*:*:*:*:*:*", matchCriteriaId: "25DB8689-116F-49B5-91F5-BCBA8854BD42", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_5x:-:*:*:*:*:*:*:*", matchCriteriaId: "881D2748-D79A-491F-97AA-BB83BBDFD348", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_6:-:*:*:*:*:*:*:*", matchCriteriaId: "065B6512-4BB7-4A7D-B5C8-61E27B07D588", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_6p:-:*:*:*:*:*:*:*", matchCriteriaId: "A988DE0D-BFF2-453E-B502-A53F7976145A", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_7_\\(2013\\):-:*:*:*:*:*:*:*", matchCriteriaId: "8C58736F-CD29-489E-95AF-4066E688705D", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_player:-:*:*:*:*:*:*:*", matchCriteriaId: "C28515A5-7911-40B0-971D-9F593142170E", vulnerable: false, }, { criteria: "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*", matchCriteriaId: "9526852E-8BF4-42AA-A9BC-84FEC564B871", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27556038.", }, { lang: "es", value: "mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 2016-05-01 no inicializa determinadas estructuras de datos, lo que permite a atacantes obtener información sensible a través de una aplicación manipulada, relacionado con IGraphicBufferConsumer.cpp y IGraphicBufferProducer.cpp, también conocido como error interno 27556038.", }, ], id: "CVE-2016-2459", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:37.297", references: [ { source: "security@android.com", tags: [ "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "security@android.com", url: "https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://android.googlesource.com/platform/frameworks/native/+/a30d7d90c4f718e46fb41a99b3d52800e1011b73", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", matchCriteriaId: "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27208332.", }, { lang: "es", value: "El controlador multimedia NVIDIA en Android en versiones anteriores a 2016-05-01 sobre dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27208332.", }, ], id: "CVE-2016-2444", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:21.813", references: [ { source: "security@android.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", matchCriteriaId: "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.", }, { lang: "es", value: "El controlador de vídeo NVIDIA en Android en versiones anteriores a 2016-05-01 sobre dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27436822.", }, ], id: "CVE-2016-2437", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:14.313", references: [ { source: "security@android.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-06-06 20:29
Modified
2024-11-21 04:23
Severity ?
Summary
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mi | mi_5s_plus_firmware | - | |
| mi | mi_5s_plus | - | |
| sony | xperia_z4_firmware | - | |
| sony | xperia_z4 | - | |
| samsung | galaxy_s6_edge_firmware | - | |
| samsung | galaxy_s6_edge | - | |
| samsung | galaxy_s4_firmware | - | |
| samsung | galaxy_s4 | - | |
| nexus_7_firmware | - | ||
| nexus_7 | - | ||
| nexus_9_firmware | - | ||
| nexus_9 | - | ||
| sharp | aquos_zeta_sh-04f_firmware | - | |
| sharp | aquos_zeta_sh-04f | - | |
| fujitsu | arrows_nx_f05-f_firmware | - | |
| fujitsu | arrows_nx_f05-f | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:mi:mi_5s_plus_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F0D0C125-DF98-4616-9957-16F9F4A37DFA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:mi:mi_5s_plus:-:*:*:*:*:*:*:*", matchCriteriaId: "C2C8D05B-B851-41BD-A0C7-ED4B47A4CAA1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sony:xperia_z4_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2BE6C7CA-1A0A-46D1-8807-476E8014F5C0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sony:xperia_z4:-:*:*:*:*:*:*:*", matchCriteriaId: "AB52A381-4094-483C-BC6F-01E81BB2D3C3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:samsung:galaxy_s6_edge_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B7D8A184-3F01-49A1-98BE-B735296383B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*", matchCriteriaId: "64C60E27-871F-4B77-87A5-9F9F20DCA2D3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:samsung:galaxy_s4_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5612A23E-43B3-4B13-89C1-6178C1737DAB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*", matchCriteriaId: "717D895C-E64D-4E0E-9F4A-9B191E6388B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:nexus_7_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "183D2632-2F2A-4B17-9617-92509C31B702", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:*", matchCriteriaId: "12357E84-6FAE-4C6B-8FD3-BD5457DBBBCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:nexus_9_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "852FB43E-072C-4C96-ABEF-6F15E4F3C0F3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sharp:aquos_zeta_sh-04f_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "16E64A2E-16CB-4301-8A7C-F3765EF2B7BE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sharp:aquos_zeta_sh-04f:-:*:*:*:*:*:*:*", matchCriteriaId: "2D5DC700-E8CB-4A19-B704-5384ED7D3697", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5CDA25A7-839A-4870-8DE6-D2B0D2405F37", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:*:*:*:*:*:*:*", matchCriteriaId: "99C8B1DE-1EA8-405F-9D4E-5F6D96F4B6D4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.", }, { lang: "es", value: "Los dispositivos Xiaomi Mi 5s Plus permiten a los atacantes desencadenar anomalías de la pantalla táctil a través de una señal de radio entre 198 kHz y 203 kHz, como lo demuestra un transmisor y una antena ocultos justo debajo de la superficie de una mesa de cafetería, también conocida como Ghost Touch.", }, ], id: "CVE-2019-12762", lastModified: "2024-11-21T04:23:31.383", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-06T20:29:02.807", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/", }, { source: "cve@mitre.org", url: "https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", matchCriteriaId: "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.", }, { lang: "es", value: "El controlador de vídeo NVIDIA en Android en versiones anteriores a 2016-05-01 sobre dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27299111.", }, ], id: "CVE-2016-2436", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:13.000", references: [ { source: "security@android.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-10-10 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | http://source.android.com/security/bulletin/2016-10-01.html | Vendor Advisory | |
| security@android.com | http://www.securityfocus.com/bid/93326 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://source.android.com/security/bulletin/2016-10-01.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93326 | Third Party Advisory, VDB Entry |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", matchCriteriaId: "09E6085C-A61E-4A89-BF80-EDD9A7DF1E47", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:google:android_one:-:*:*:*:*:*:*:*", matchCriteriaId: "50A96E21-4545-41AD-9FDB-E6F2B59F2DEF", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_5:-:*:*:*:*:*:*:*", matchCriteriaId: "25DB8689-116F-49B5-91F5-BCBA8854BD42", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_5x:-:*:*:*:*:*:*:*", matchCriteriaId: "881D2748-D79A-491F-97AA-BB83BBDFD348", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_6:-:*:*:*:*:*:*:*", matchCriteriaId: "065B6512-4BB7-4A7D-B5C8-61E27B07D588", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_6p:-:*:*:*:*:*:*:*", matchCriteriaId: "A988DE0D-BFF2-453E-B502-A53F7976145A", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, { criteria: "cpe:2.3:h:google:nexus_player:-:*:*:*:*:*:*:*", matchCriteriaId: "C28515A5-7911-40B0-971D-9F593142170E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.", }, { lang: "es", value: "El kernel en Android en versiones anteriores a 2016-10-05 en dispositivos Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player y Android One permite a atacantes obtener información sensible a través de una aplicación manipulada, vulnerabilidad también conocida como error interno 30148243.", }, ], id: "CVE-2016-6684", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-10-10T11:00:01.480", references: [ { source: "security@android.com", tags: [ "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { source: "security@android.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-10-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/93326", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@android.com | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://source.android.com/security/bulletin/2016-05-01.html | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", matchCriteriaId: "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.", }, { lang: "es", value: "El controlador multimedia NVIDIA en Android en versiones anteriores a 2016-05-01 sobre dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27253079.", }, ], id: "CVE-2016-2445", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:23.283", references: [ { source: "security@android.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", matchCriteriaId: "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9", versionEndIncluding: "6.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.", }, { lang: "es", value: "El controlador multimedia NVIDIA en Android en versiones anteriores a 2016-05-01 sobre dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27441354.", }, ], id: "CVE-2016-2446", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-05-09T10:59:24.547", references: [ { source: "security@android.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "security@android.com", url: "http://www.securitytracker.com/id/1036763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://source.android.com/security/bulletin/2016-05-01.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036763", }, ], sourceIdentifier: "security@android.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-24 20:59
Modified
2024-11-21 02:57
Severity ?
Summary
Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | shield_tablet_firmware | * | |
| nvidia | shield_tablet | - | |
| nvidia | shield_tablet_tk1_firmware | * | |
| nvidia | shield_tablet_tk1 | - | |
| nvidia | shield_tv_firmware | * | |
| nvidia | shield_tv | - | |
| nvidia | video_driver | - | |
| nexus_9 | - | ||
| pixel_c | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0750A91D-C568-49C4-86E0-D9DA075BA33D", versionEndIncluding: "4.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*", matchCriteriaId: "A28C0ED3-654C-4783-B8A0-67D7C3D1FE9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D103EA4F-A03D-487F-8686-838078B78199", versionEndIncluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*", matchCriteriaId: "845E4A71-7181-4AB6-9ADF-43ABC6C9A785", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D495631-CFF4-46B5-AAAE-3E51717C1337", versionEndIncluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*", matchCriteriaId: "C162AD10-3322-4317-B808-B6B517576F66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, { criteria: "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*", matchCriteriaId: "9526852E-8BF4-42AA-A9BC-84FEC564B871", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.", }, { lang: "es", value: "Desbordamiento de búfer basado en la pila en nvhost_job.c en el controlador de vídeo NVIDIA para Android, Shield TV versiones anteriores de OTA 3.3, Shield Table versiones anteriores de OTA 4.4 y Shield Table TK1 versiones anteriores de OTA 1.5.", }, ], id: "CVE-2016-6915", lastModified: "2024-11-21T02:57:05.563", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-24T20:59:00.147", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { source: "cve@mitre.org", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94667", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94667", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-04-24 19:59
Modified
2024-11-21 02:57
Severity ?
Summary
Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nvidia | shield_tablet_firmware | * | |
| nvidia | shield_tablet | - | |
| nvidia | shield_tablet_tk1_firmware | * | |
| nvidia | shield_tablet_tk1 | - | |
| nvidia | shield_tv_firmware | * | |
| nvidia | shield_tv | - | |
| nvidia | video_driver | - | |
| nexus_9 | - | ||
| pixel_c | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tablet_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0750A91D-C568-49C4-86E0-D9DA075BA33D", versionEndIncluding: "4.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tablet:-:*:*:*:*:*:*:*", matchCriteriaId: "A28C0ED3-654C-4783-B8A0-67D7C3D1FE9A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tablet_tk1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D103EA4F-A03D-487F-8686-838078B78199", versionEndIncluding: "1.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tablet_tk1:-:*:*:*:*:*:*:*", matchCriteriaId: "845E4A71-7181-4AB6-9ADF-43ABC6C9A785", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:nvidia:shield_tv_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8D495631-CFF4-46B5-AAAE-3E51717C1337", versionEndIncluding: "3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:nvidia:shield_tv:-:*:*:*:*:*:*:*", matchCriteriaId: "49F85C44-6B7E-4B7C-AC8D-9D5727DFA0B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nvidia:video_driver:-:*:*:*:*:android:*:*", matchCriteriaId: "C162AD10-3322-4317-B808-B6B517576F66", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*", matchCriteriaId: "1018566D-5DBE-44BD-BA05-1F6A6375C32F", vulnerable: false, }, { criteria: "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*", matchCriteriaId: "9526852E-8BF4-42AA-A9BC-84FEC564B871", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5.", }, { lang: "es", value: "Desbordamiento de búfer en nvhost_job.c en el video driver NVIDIA video para Android, Shield TV en versiones anteriores a OTA 3.3, Shield Table en versiones anteriores a OTA 4.4, y Shield Table TK1 en versiones anteriores a OTA 1.5.", }, ], id: "CVE-2016-6917", lastModified: "2024-11-21T02:57:05.900", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-04-24T19:59:00.457", references: [ { source: "cve@mitre.org", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94667", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94667", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://source.android.com/security/bulletin/2016-12-01", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }