Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-9529 | 6.9 |
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that
|
14-03-2024 - 19:58 | 09-01-2015 - 21:59 | |
CVE-2016-3134 | 7.2 |
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
|
12-09-2023 - 14:55 | 27-04-2016 - 17:59 | |
CVE-2016-1583 | 7.2 |
The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames
|
12-09-2023 - 14:55 | 27-06-2016 - 10:59 | |
CVE-2016-4470 | 4.9 |
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a craft
|
12-02-2023 - 23:21 | 27-06-2016 - 10:59 | |
CVE-2015-1465 | 7.8 |
The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (
|
26-01-2023 - 18:54 | 05-04-2015 - 21:59 | |
CVE-2016-4805 | 7.2 |
Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a n
|
17-01-2023 - 21:18 | 23-05-2016 - 10:59 | |
CVE-2014-4655 | 4.9 |
The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow an
|
14-08-2020 - 18:02 | 03-07-2014 - 04:22 | |
CVE-2016-5340 | 7.2 |
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypas
|
03-08-2020 - 16:13 | 07-08-2016 - 21:59 | |
CVE-2016-2053 | 4.7 |
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function
|
30-08-2018 - 16:52 | 02-05-2016 - 10:59 | |
CVE-2016-3873 | 9.3 |
The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457.
|
19-10-2017 - 01:30 | 11-09-2016 - 21:59 | |
CVE-2016-3861 | 9.3 |
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to
|
03-09-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3893 | 4.3 |
The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3864 | 9.3 |
The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bu
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3898 | 4.3 |
Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service (loss of locked-screen 911 TTY functionality) via a crafted application that modifies the TTY
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-2469 | 9.3 |
The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992.
|
13-08-2017 - 01:29 | 13-06-2016 - 01:59 | |
CVE-2016-3894 | 4.3 |
The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29618014 and Qualcomm internal bug CR1042033.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3890 | 7.6 |
The Java Debug Wire Protocol (JDWP) implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a c
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3876 | 7.2 |
providers/settings/SettingsProvider.java in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the SAFE_BOOT_DISALLOWED protection mechanism and boot to safe mode via the Android Debug Bridge (adb)
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3887 | 6.8 |
providers/settings/SettingsProvider.java in Android 7.0 before 2016-09-01 does not properly enforce the DISALLOW_CONFIG_VPN setting, which allows attackers to bypass an intended always-on VPN state via a crafted application, aka internal bug 29899712
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3896 | 4.3 |
AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 allows attackers to obtain sensitive EmailAccountCacheProvider information via a crafted application, aka internal bug 29767043.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3879 | 7.1 |
arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 allows remote attackers to cause a denial of service (NULL pointer dereference, and device hang or reboot) via
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3868 | 9.3 |
The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28967028 and Qualcomm internal bug CR1032875.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3897 | 4.3 |
The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allo
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3884 | 4.3 |
server/notification/NotificationManagerService.java in the Notification Manager Service in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 lacks uid checks, which allows attackers to bypass intended restrictions on method calls via a crafted
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3872 | 9.3 |
Buffer overflow in codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to gain privileges via a crafted app
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3877 | 10.0 |
Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3859 | 9.3 |
The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28815326 and Qualcomm internal bug CR1034641.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3881 | 7.1 |
The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows remote attackers to cause a denial of se
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3899 | 7.1 |
OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not validate a certain pointer, which allows remote attackers to cause a denial o
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3875 | 7.2 |
server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the DISALLOW_SAFE_BOOT setting, which allows physically proximate attackers to bypass intended access restrictions and boot to safe mode via unspecified vectors, ak
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3866 | 9.3 |
The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3883 | 4.3 |
internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not properly construct warnings about premium SMS messages, which allows att
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3874 | 9.3 |
CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WE_UNIT_TEST_C
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3870 | 9.3 |
omx/SimpleSoftOMXComponent.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not prevent input-port changes, which allows attackers to gain
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3880 | 7.1 |
Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to cause a denial
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3862 | 9.3 |
media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 does not properly interact with the use of static variables in libjhead_jni, which allows remote attackers to execu
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3878 | 7.1 |
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of decoding zero MBs, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29493002.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3865 | 9.3 |
The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3895 | 4.3 |
Integer overflow in the Region::unflatten function in libs/ui/Region.cpp in mediaserver in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 29983260.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3867 | 9.3 |
The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3863 | 6.8 |
Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in libstagefright in MediaMuxer in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remot
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3951 | 4.9 |
Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invali
|
13-08-2017 - 01:29 | 02-05-2016 - 10:59 | |
CVE-2016-3892 | 4.3 |
The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 and Qualcomm internal bug CR1024197.
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3885 | 9.3 |
debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations and thread exits, which allows attackers to gain priv
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3871 | 9.3 |
Multiple buffer overflows in codecs/mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow attackers to gain privileges via a cra
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3858 | 9.3 |
Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcomm subsystem driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application that provides a long string, aka Android in
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3889 | 7.2 |
Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism by accessing (1) an external tile from a system application, (2) the help feature, or (3) the Se
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3869 | 9.3 |
The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bu
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3886 | 7.2 |
systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tuner in Android 7.0 before 2016-09-01 does not prevent tuner changes on the lockscreen, which allows physically proximate attackers to gain privileges by modifying a setting, aka in
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-3888 | 2.1 |
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechan
|
13-08-2017 - 01:29 | 11-09-2016 - 21:59 | |
CVE-2016-2446 | 7.6 |
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27441354.
|
13-08-2017 - 01:29 | 09-05-2016 - 10:59 |