VYPR

Android

by Google

CVEs (4,041)

  • CVE-2015-3863Oct 1, 2015
    risk 0.00cvss epss 0.01

    Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and read arbitrary Keystore keys via an application that uses a crafted blob in an insert operation, aka internal bug…

  • CVE-2015-3861Oct 1, 2015
    risk 0.00cvss epss 0.01

    Multiple integer overflows in the addVorbisCodecInfo function in matroska/MatroskaExtractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allow remote attackers to cause a denial of service (device inoperability) via crafted Matroska data, aka internal bug…

  • CVE-2015-3860Oct 1, 2015
    risk 0.00cvss epss 0.00

    packages/Keyguard/res/layout/keyguard_password_view.xml in Lockscreen in Android 5.x before 5.1.1 LMY48M does not restrict the number of characters in the passwordEntry input field, which allows physically proximate attackers to bypass intended access restrictions via a long…

  • CVE-2015-3858Oct 1, 2015
    risk 0.00cvss epss 0.01

    The checkDestination function in internal/telephony/SMSDispatcher.java in Android before 5.1.1 LMY48M relies on an obsolete permission name for an authorization check, which allows attackers to bypass an intended user-confirmation requirement for SMS short-code messaging via a…

  • CVE-2015-3849Oct 1, 2015
    risk 0.00cvss epss 0.01

    The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before 5.1.1 LMY48M does not check the return values of certain read operations, which allows attackers to execute arbitrary code via an application that sends a crafted message to…

  • CVE-2015-3845Oct 1, 2015
    risk 0.00cvss epss 0.01

    The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a…

  • CVE-2015-3844Oct 1, 2015
    risk 0.00cvss epss 0.01

    The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect process loading via a crafted application, as demonstrated by interfering with use of…

  • CVE-2015-3843Oct 1, 2015
    risk 0.00cvss epss 0.02

    The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I allows attackers to (1) intercept or (2) emulate unspecified Telephony STK SIM commands via an application that sends a crafted Intent, related to com/android/internal/telephony/cat/AppInterface.java, aka internal…

  • CVE-2015-3842Oct 1, 2015
    risk 0.00cvss epss 0.01

    Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516.

  • CVE-2015-3837Oct 1, 2015
    risk 0.00cvss epss 0.01

    The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I improperly includes certain context data during serialization and deserialization, which allows attackers to execute arbitrary code via an application that sends a…

  • CVE-2015-3836Oct 1, 2015
    risk 0.00cvss epss 0.03

    The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer…

  • CVE-2015-3835Oct 1, 2015
    risk 0.00cvss epss 0.02

    Buffer overflow in the OMXNodeInstance::emptyBuffer function in omx/OMXNodeInstance.cpp in libstagefright in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 20634516.

  • CVE-2015-3834Oct 1, 2015
    risk 0.00cvss epss 0.01

    Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a heap-based buffer overflow, aka…

  • CVE-2015-3833Oct 1, 2015
    risk 0.00cvss epss 0.01

    The getRunningAppProcesses function in services/core/java/com/android/server/am/ActivityManagerService.java in Android before 5.1.1 LMY48I allows attackers to bypass intended getRecentTasks restrictions and discover the name of the foreground application via a crafted…

  • CVE-2015-3832Oct 1, 2015
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.

  • CVE-2015-3831Oct 1, 2015
    risk 0.00cvss epss 0.01

    Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 19400722.

  • CVE-2015-1541Oct 1, 2015
    risk 0.00cvss epss 0.00

    The AppWidgetServiceImpl implementation in com/android/server/appwidget/AppWidgetServiceImpl.java in the Settings application in Android before 5.1.1 LMY48I allows attackers to obtain a URI permission via an application that sends an Intent with a (1)…

  • CVE-2015-1536Oct 1, 2015
    risk 0.00cvss epss 0.01

    Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service (system_server crash) or obtain sensitive system_server memory-content information via a crafted…

  • CVE-2015-1528Oct 1, 2015
    risk 0.00cvss epss 0.03

    Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service (Binder heap memory corruption) via a crafted application, aka internal…

  • CVE-2014-7917Oct 1, 2015
    risk 0.00cvss epss 0.01

    Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342615.

Page 199 of 203