VYPR

Android

by Google

CVEs (4,715)

  • CVE-2016-3932HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    mediaserver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 29161895 and MediaTek internal bug ALPS02770870.

  • CVE-2016-3931HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/misc/qseecom.c in the Qualcomm QSEE Communicator driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29157595 and Qualcomm internal bug CR…

  • CVE-2016-3930HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA MMC test driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28760138.

  • CVE-2016-3928HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384.

  • CVE-2016-3922HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.

  • CVE-2016-3921HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 29831647.

  • CVE-2016-3917HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveraging lockscreen access, aka…

  • CVE-2016-3916HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30741779.

  • CVE-2016-3915HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30591838.

  • CVE-2016-3914HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application that modifies a database…

  • CVE-2016-3913HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows attackers to gain privileges…

  • CVE-2016-3912HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allow attackers to gain privileges via a crafted application, aka internal bug 30202481.

  • CVE-2016-3911HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    core/java/android/os/Process.java in Zygote in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30143607.

  • CVE-2016-3910HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.00

    services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30148546.

  • CVE-2016-3909HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    The SoftMPEG4 component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30033990.

  • CVE-2016-3905HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    CORE/HDD/src/wlan_hdd_main.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application that sends a SENDACTIONFRAME command, aka Android internal bug 28061823 and Qualcomm internal bug CR 1001449.

  • CVE-2016-3903HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug…

  • CVE-2016-3901HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug…

  • CVE-2016-3900HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via a crafted application, aka…

  • CVE-2015-8951HigOct 10, 2016
    risk 0.51cvss 7.8epss 0.01

    Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug…

Page 101 of 236