Max CVSS | 10.0 | Min CVSS | 3.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-8955 | 6.9 |
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multip
|
05-10-2023 - 14:19 | 10-10-2016 - 10:59 | |
CVE-2016-0758 | 7.2 |
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
|
12-02-2023 - 23:16 | 27-06-2016 - 10:59 | |
CVE-2016-7117 | 10.0 |
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
|
19-01-2023 - 16:13 | 10-10-2016 - 11:00 | |
CVE-2016-5696 | 5.8 |
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
|
17-11-2021 - 22:15 | 06-08-2016 - 20:59 | |
CVE-2015-0572 | 4.4 |
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attacker
|
04-08-2020 - 19:19 | 10-10-2016 - 10:59 | |
CVE-2016-5344 | 7.5 |
Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified o
|
04-08-2020 - 19:17 | 30-08-2016 - 17:59 | |
CVE-2016-5342 | 7.2 |
Heap-based buffer overflow in the wcnss_wlan_write function in drivers/net/wireless/wcnss/wcnss_wlan.c in the wcnss_wlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and ot
|
04-08-2020 - 19:13 | 30-08-2016 - 17:59 | |
CVE-2016-5343 | 7.5 |
drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (m
|
03-08-2020 - 16:24 | 10-10-2016 - 10:59 | |
CVE-2016-5340 | 7.2 |
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypas
|
03-08-2020 - 16:13 | 07-08-2016 - 21:59 | |
CVE-2016-2059 | 4.4 |
The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does no
|
03-08-2020 - 15:59 | 05-05-2016 - 21:59 | |
CVE-2016-5348 | 7.1 |
The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows man-in-the-middle attackers to cause a denial of service (memory consumption, and device hang or reboot) vi
|
19-04-2018 - 01:29 | 10-10-2016 - 10:59 | |
CVE-2015-8956 | 3.6 |
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluet
|
05-01-2018 - 02:30 | 10-10-2016 - 10:59 | |
CVE-2016-3930 | 9.3 |
The NVIDIA MMC test driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28760138.
|
19-10-2017 - 01:30 | 10-10-2016 - 10:59 | |
CVE-2016-6689 | 4.3 |
Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347.
|
03-09-2017 - 01:29 | 10-10-2016 - 11:00 | |
CVE-2016-3885 | 9.3 |
debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations and thread exits, which allows attackers to gain priv
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-6678 | 4.3 |
The Motorola USBNet driver in Android before 2016-10-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 29914434.
|
18-01-2017 - 02:59 | 10-10-2016 - 10:59 | |
CVE-2016-6696 | 7.5 |
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm
|
06-12-2016 - 15:09 | 10-10-2016 - 11:00 | |
CVE-2016-6679 | 4.3 |
CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a setwpaie ioctl call, aka Android int
|
06-12-2016 - 15:09 | 10-10-2016 - 10:59 | |
CVE-2016-6695 | 7.5 |
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted visualizer data length, aka Qualcomm internal b
|
06-12-2016 - 15:09 | 10-10-2016 - 11:00 | |
CVE-2016-6677 | 4.3 |
The NVIDIA GPU driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30259955.
|
06-12-2016 - 15:09 | 10-10-2016 - 10:59 | |
CVE-2016-6682 | 4.3 |
drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a
|
06-12-2016 - 15:09 | 10-10-2016 - 10:59 | |
CVE-2016-6694 | 7.5 |
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via crafted parameter data, aka Qualcomm internal bug CR 1033
|
06-12-2016 - 15:08 | 10-10-2016 - 11:00 | |
CVE-2016-6687 | 4.3 |
The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222.
|
06-12-2016 - 15:08 | 10-10-2016 - 11:00 | |
CVE-2016-6683 | 4.3 |
The kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30143283.
|
06-12-2016 - 15:08 | 10-10-2016 - 11:00 | |
CVE-2016-6680 | 6.8 |
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes an iw_set_priv ioctl call, aka Android in
|
06-12-2016 - 15:08 | 10-10-2016 - 10:59 | |
CVE-2016-6692 | 7.5 |
drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal
|
06-12-2016 - 15:08 | 10-10-2016 - 11:00 | |
CVE-2016-6676 | 9.3 |
Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application
|
06-12-2016 - 15:08 | 10-10-2016 - 10:59 | |
CVE-2016-6684 | 4.3 |
The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30148243.
|
06-12-2016 - 15:07 | 10-10-2016 - 11:00 | |
CVE-2016-6688 | 4.3 |
The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30593080.
|
06-12-2016 - 15:05 | 10-10-2016 - 11:00 | |
CVE-2016-6690 | 7.1 |
The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of service (reboot) via a crafted application, aka internal bug 28838221.
|
06-12-2016 - 15:04 | 10-10-2016 - 11:00 | |
CVE-2016-6693 | 7.5 |
sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via an invalid data length, aka Qualcomm internal bug CR 1027
|
06-12-2016 - 15:04 | 10-10-2016 - 11:00 | |
CVE-2016-6675 | 9.3 |
Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted applica
|
06-12-2016 - 15:03 | 10-10-2016 - 10:59 | |
CVE-2016-6681 | 4.3 |
drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a
|
06-12-2016 - 14:46 | 10-10-2016 - 10:59 | |
CVE-2016-6685 | 4.3 |
The kernel in Android before 2016-10-05 on Nexus 6P devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30402628.
|
06-12-2016 - 14:46 | 10-10-2016 - 11:00 | |
CVE-2016-6686 | 4.3 |
The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30163101.
|
06-12-2016 - 14:41 | 10-10-2016 - 11:00 | |
CVE-2016-6691 | 7.5 |
service/jni/com_android_server_wifi_Gbk2Utf.cpp in the Qualcomm Wi-Fi gbk2utf module in Android before 2016-10-05 allows remote attackers to cause a denial of service (framework crash) or possibly have unspecified other impact via an access point tha
|
06-12-2016 - 14:41 | 10-10-2016 - 11:00 | |
CVE-2016-6674 | 6.8 |
system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380.
|
28-11-2016 - 20:33 | 10-10-2016 - 10:59 | |
CVE-2016-6672 | 9.3 |
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088.
|
28-11-2016 - 20:33 | 10-10-2016 - 10:59 | |
CVE-2016-6673 | 9.3 |
The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201.
|
28-11-2016 - 20:33 | 10-10-2016 - 10:59 | |
CVE-2016-3940 | 9.3 |
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 6P and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 30141991.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3935 | 9.3 |
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, a
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3936 | 9.3 |
The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019037 and MediaTek internal bug ALPS02829568.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3927 | 10.0 |
Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3928 | 9.3 |
The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3937 | 9.3 |
The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30030994 and MediaTek internal bug ALPS02834874.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3924 | 4.3 |
services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate EFFECT_CMD_SET_PARAM and EFFECT_CMD_SET_PARAM_DEFERRED commands,
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3929 | 10.0 |
Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823675.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3925 | 4.3 |
server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to cause a denial of service (blocked Wi-Fi usage) via a crafted application, aka internal bug 30230534.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3939 | 9.3 |
drivers/video/msm/mdss/mdss_debug.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 30874196 and
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3931 | 9.3 |
drivers/misc/qseecom.c in the Qualcomm QSEE Communicator driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29157595 and
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3932 | 9.3 |
mediaserver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 29161895 and MediaTek internal bug ALPS02770870.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3934 | 9.3 |
drivers/media/platform/msm/camera_v2/sensor/io/msm_camera_cci_i2c.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices relies on variable-length arrays, which allows attackers t
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3926 | 10.0 |
Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3938 | 9.3 |
drivers/video/msm/mdss/mdss_mdp_overlay.c in the Qualcomm video driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 300197
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3933 | 9.3 |
mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408.
|
28-11-2016 - 20:14 | 10-10-2016 - 10:59 | |
CVE-2016-3905 | 9.3 |
CORE/HDD/src/wlan_hdd_main.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application that sends a SENDACTIONFRAME command, aka Android internal bug 28061823 and Qualc
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3901 | 9.3 |
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, a
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3923 | 4.3 |
The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115.
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3912 | 9.3 |
The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allow attackers to gain privileges via a crafted application, aka internal bug 30202481.
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3921 | 9.3 |
libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka inter
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3910 | 9.3 |
services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3014854
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3915 | 9.3 |
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3918 | 4.3 |
email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3902 | 4.3 |
drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm i
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3917 | 7.2 |
The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveragi
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3922 | 6.8 |
libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3908 | 4.3 |
The Lock Settings Service in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to remove a device's PIN or password, and consequently gain privileges, via a crafted application, aka internal bug 30003944.
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3909 | 9.3 |
The SoftMPEG4 component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3903 | 9.3 |
drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3882 | 6.1 |
Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group o
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3911 | 9.3 |
core/java/android/os/Process.java in Zygote in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30143607
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3860 | 4.3 |
sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3920 | 7.1 |
id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka inte
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3900 | 9.3 |
cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3913 | 9.3 |
media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows at
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3914 | 9.3 |
Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application th
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2016-3916 | 9.3 |
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3
|
28-11-2016 - 20:13 | 10-10-2016 - 10:59 | |
CVE-2015-8951 | 9.3 |
Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, a
|
28-11-2016 - 19:50 | 10-10-2016 - 10:59 | |
CVE-2015-8950 | 4.3 |
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by trig
|
28-11-2016 - 19:50 | 10-10-2016 - 10:59 |