| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-0728 | 7.2 |
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us
|
12-02-2023 - 23:15 | 08-02-2016 - 03:59 | |
| CVE-2016-0821 | 2.1 |
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a pois
|
31-01-2022 - 17:54 | 12-03-2016 - 21:59 | |
| CVE-2016-1621 | 10.0 |
libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvp
|
03-12-2016 - 03:21 | 12-03-2016 - 21:59 | |
| CVE-2016-0826 | 9.3 |
libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0827 | 9.3 |
Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureO
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0831 | 4.3 |
The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitiv
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0832 | 6.6 |
Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042.
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0819 | 9.3 |
The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034.
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0823 | 2.1 |
The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 257
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0828 | 5.0 |
The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitiv
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0818 | 4.3 |
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA,
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0825 | 5.0 |
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka interna
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0816 | 10.0 |
mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0820 | 9.3 |
The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358.
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0822 | 7.6 |
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0830 | 3.3 |
btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the max
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0824 | 5.0 |
libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or Signature
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0815 | 10.0 |
The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of ser
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 | |
| CVE-2016-0829 | 5.0 |
The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows a
|
28-11-2016 - 19:55 | 12-03-2016 - 21:59 |