Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-5195 | 7.2 |
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in Oc
|
24-07-2024 - 14:27 | 10-11-2016 - 21:59 | |
CVE-2016-2184 | 4.9 |
The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) v
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-6828 | 4.9 |
The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-
|
12-02-2023 - 23:25 | 16-10-2016 - 21:59 | |
CVE-2016-0718 | 7.5 |
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
|
12-02-2023 - 23:15 | 26-05-2016 - 16:59 | |
CVE-2015-8962 | 9.3 |
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_I
|
19-01-2023 - 16:07 | 16-11-2016 - 05:59 | |
CVE-2015-8961 | 9.3 |
The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field.
|
19-01-2023 - 16:05 | 16-11-2016 - 05:59 | |
CVE-2015-1283 | 6.8 |
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec
|
05-07-2022 - 18:57 | 23-07-2015 - 00:59 | |
CVE-2015-0410 | 5.0 |
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown ve
|
13-05-2022 - 14:57 | 21-01-2015 - 18:59 | |
CVE-2016-5300 | 7.8 |
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists beca
|
31-07-2021 - 08:15 | 16-06-2016 - 18:59 | |
CVE-2012-6702 | 4.3 |
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
|
25-01-2021 - 15:44 | 16-06-2016 - 18:59 | |
CVE-2016-6710 | 4.3 |
An information disclosure vulnerability in the download manager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to bypass operating system protections that
|
30-05-2019 - 14:19 | 25-11-2016 - 16:59 | |
CVE-2016-6724 | 7.1 |
A denial of service vulnerability in the Input Manager Service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to cause the device to con
|
07-03-2019 - 19:49 | 25-11-2016 - 16:59 | |
CVE-2016-6723 | 5.4 |
A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a remote attacker to use a specially crafted file to cause a dev
|
07-03-2019 - 19:49 | 25-11-2016 - 16:59 | |
CVE-2016-6715 | 4.3 |
An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could allow a local malicious application to record audio without the
|
07-03-2019 - 19:42 | 25-11-2016 - 16:59 | |
CVE-2016-6717 | 7.6 |
An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within t
|
07-03-2019 - 19:38 | 25-11-2016 - 16:59 | |
CVE-2016-6721 | 4.3 |
An information disclosure vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it c
|
07-03-2019 - 19:37 | 25-11-2016 - 16:59 | |
CVE-2016-6722 | 4.3 |
An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data o
|
07-03-2019 - 19:36 | 13-12-2016 - 19:59 | |
CVE-2016-6720 | 4.3 |
An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data o
|
07-03-2019 - 19:28 | 13-12-2016 - 19:59 | |
CVE-2016-6709 | 4.3 |
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by
|
07-03-2019 - 19:25 | 25-11-2016 - 16:59 | |
CVE-2016-6707 | 9.3 |
An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated a
|
07-03-2019 - 19:25 | 25-11-2016 - 16:59 | |
CVE-2016-6719 | 4.3 |
An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to pair with any Bluet
|
07-03-2019 - 19:15 | 25-11-2016 - 16:59 | |
CVE-2016-6713 | 7.1 |
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possi
|
06-03-2019 - 15:08 | 25-11-2016 - 16:59 | |
CVE-2016-6714 | 7.1 |
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possi
|
06-03-2019 - 14:57 | 25-11-2016 - 16:59 | |
CVE-2016-6705 | 9.3 |
An elevation of privilege vulnerability in Mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a pr
|
05-03-2019 - 18:22 | 25-11-2016 - 16:59 | |
CVE-2016-6704 | 9.3 |
An elevation of privilege vulnerability in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within t
|
05-03-2019 - 15:58 | 25-11-2016 - 16:59 | |
CVE-2014-9675 | 5.0 |
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
|
30-10-2018 - 16:27 | 08-02-2015 - 11:59 | |
CVE-2016-6136 | 1.9 |
Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "doubl
|
05-01-2018 - 02:31 | 06-08-2016 - 20:59 | |
CVE-2016-6754 | 6.8 |
A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to execute arbitrary code when the user is navigating to a website. This issue is rated as Hi
|
24-12-2016 - 02:59 | 25-11-2016 - 16:59 | |
CVE-2016-6711 | 7.1 |
A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot
|
15-12-2016 - 03:00 | 13-12-2016 - 19:59 | |
CVE-2016-6706 | 9.3 |
An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High bec
|
15-12-2016 - 03:00 | 13-12-2016 - 19:59 | |
CVE-2016-6712 | 7.1 |
A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot
|
15-12-2016 - 03:00 | 13-12-2016 - 19:59 | |
CVE-2016-6699 | 9.3 |
A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as C
|
15-12-2016 - 03:00 | 13-12-2016 - 19:59 | |
CVE-2016-6708 | 2.1 |
An elevation of privilege in the System UI in Android 7.0 before 2016-11-01 could enable a local malicious user to bypass the security prompt of your work profile in Multi-Window mode. This issue is rated as High because it is a local bypass of user
|
06-12-2016 - 15:09 | 25-11-2016 - 16:59 | |
CVE-2016-6702 | 6.8 |
A remote code execution vulnerability in libjpeg in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This
|
06-12-2016 - 15:09 | 25-11-2016 - 16:59 | |
CVE-2016-6703 | 6.8 |
A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in
|
06-12-2016 - 15:09 | 25-11-2016 - 16:59 | |
CVE-2016-6716 | 4.3 |
An elevation of privilege vulnerability in the AOSP Launcher in Android 7.0 before 2016-11-01 could allow a local malicious application to create shortcuts that have elevated privileges without the user's consent. This issue is rated as Moderate beca
|
06-12-2016 - 15:09 | 25-11-2016 - 16:59 | |
CVE-2016-6700 | 9.3 |
An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue
|
06-12-2016 - 15:07 | 25-11-2016 - 16:59 | |
CVE-2016-6718 | 4.3 |
An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it
|
06-12-2016 - 15:05 | 25-11-2016 - 16:59 | |
CVE-2016-6701 | 6.8 |
A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibi
|
06-12-2016 - 15:05 | 25-11-2016 - 16:59 | |
CVE-2016-6698 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
06-12-2016 - 15:03 | 25-11-2016 - 16:59 | |
CVE-2016-6750 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6741 | 9.3 |
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first req
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6751 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6747 | 7.1 |
A denial of service vulnerability in Mediaserver in Android before 2016-11-05 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. A
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6745 | 9.3 |
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it fir
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6742 | 9.3 |
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it fir
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6752 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6746 | 4.3 |
An information disclosure vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access s
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6743 | 9.3 |
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it fir
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6753 | 4.3 |
An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission leve
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6749 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6744 | 9.3 |
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it fir
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6748 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
28-11-2016 - 20:35 | 25-11-2016 - 16:59 | |
CVE-2016-6736 | 9.3 |
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibilit
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6730 | 9.3 |
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibilit
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6725 | 10.0 |
A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remo
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6739 | 9.3 |
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first req
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6733 | 9.3 |
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibilit
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6734 | 9.3 |
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibilit
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6729 | 9.3 |
An elevation of privilege vulnerability in the Qualcomm bootloader in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibil
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6737 | 9.3 |
An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibi
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6731 | 9.3 |
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibilit
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6738 | 9.3 |
An elevation of privilege vulnerability in the Qualcomm crypto engine driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it fi
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6732 | 9.3 |
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibilit
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6728 | 9.3 |
An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibi
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6740 | 9.3 |
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first req
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-6735 | 9.3 |
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibilit
|
28-11-2016 - 20:34 | 25-11-2016 - 16:59 | |
CVE-2016-3907 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
28-11-2016 - 20:13 | 25-11-2016 - 16:59 | |
CVE-2016-3904 | 6.8 |
An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requir
|
28-11-2016 - 20:13 | 25-11-2016 - 16:59 | |
CVE-2016-3906 | 4.3 |
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its
|
28-11-2016 - 20:13 | 25-11-2016 - 16:59 |