Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android 5.1.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-3854
packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows malicious users to bypass a DEVICE_POWER permission requirement via a broadcast intent with the PNW.stopSaver action, aka internal bug 20918350.
Google Android 5.0
Google Android 5.1.1
Google Android 5.0.2
Google Android 5.1.0
Google Android 5.0.1
Google Android 5.1
3 Github repositories
7.8
CVSSv3
CVE-2015-6647
The Widevine QSEE TrustZone application in Android 5.x prior to 5.1.1 LMY49F and 6.0 prior to 2016-01-01 allows malicious users to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554.
Google Android 5.1.0
Google Android 5.0.2
Google Android 6.0
Google Android 5.0.1
Google Android 5.0
Google Android 5.1.1
7.8
CVSSv3
CVE-2016-3762
The sockets subsystem in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-07-01 allows malicious users to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket class or (2) another socket class that is unrecognized by SELinux, aka ...
Google Android 6.0
Google Android 5.1.0
Google Android 5.1
Google Android 5.0.1
Google Android 5.0
Google Android 6.0.1
7.8
CVSSv3
CVE-2016-3825
mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 allocates an incorrect amount of memory, which allows malicious users to gain privileges via a crafted application, aka internal bug 28...
Google Android 5.0
Google Android 5.1
Google Android 5.0.1
Google Android 6.0
Google Android 5.1.0
Google Android 6.0.1
7.8
CVSSv3
CVE-2016-3833
The Shell component in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, which allows malicious users to bypass intended access restrictions via a crafted application, aka intern...
Google Android 6.0
Google Android 5.0.1
Google Android 5.1
Google Android 5.1.0
Google Android 6.0.1
Google Android 5.0
5.5
CVSSv3
CVE-2016-3836
The SurfaceFlinger service in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 allows malicious users to obtain sensitive information via a crafted application, related to lack of a default constructor in include/ui/FrameStats.h, aka internal bug 28...
Google Android 5.1
Google Android 5.1.0
Google Android 5.0
Google Android 5.0.1
Google Android 6.0.1
Google Android 6.0
5.5
CVSSv3
CVE-2016-3837
service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-08-01 allows malicious users to obtain sensitive information via a crafted application that provides a MAC address with too few characters, aka...
Google Android 6.0.1
Google Android 5.1
Google Android 5.0.1
Google Android 5.1.0
Google Android 6.0
Google Android 5.0
5.5
CVSSv3
CVE-2016-2415
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-04-01 allows malicious users to obtain sensitive information via a crafted application that triggers a spoofed ...
Google Android 6.0.1
Google Android 5.0
Google Android 5.1.0
Google Android 5.0.1
Google Android 6.0
Google Android 5.1
5.5
CVSSv3
CVE-2016-2458
The compose functionality in AOSP Mail in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-05-01 does not properly restrict attachments, which allows malicious users to obtain sensitive information via a crafted application, related to ComposeActivity.jav...
Google Android 6.0.1
Google Android 6.0
Google Android 5.1.0
Google Android 5.1
Google Android 5.0
Google Android 5.0.1
5.5
CVSSv3
CVE-2016-2500
Activity Manager in Android 5.0.x prior to 5.0.2, 5.1.x prior to 5.1.1, and 6.x prior to 2016-06-01 does not properly terminate process groups, which allows malicious users to obtain sensitive information via a crafted application, aka internal bug 19285814.
Google Android 5.1
Google Android 5.0.1
Google Android 5.0
Google Android 6.0
Google Android 6.0.1
Google Android 5.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »