Android Qualcomm Sound Driver Elevation of Privilege Vulnerability (CNVD-2016-04087)

Android on Nexus 5 is a Linux-based open source operating system for the Nexus 5 smartphone developed by Google and the Open Handset Alliance OHA, and includes a Qualcomm Sound Driver. Qualcomm Sound Driver is a sound driver developed by Qualcomm Incorporated. An elevation of privilege...

CVE-2016-2482

The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSyste...

CVE-2016-2495

SampleTable.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to cause a denial of service device hang or reboot via a crafted file, aka internal bug 28076789...

CVE-2016-2492

The MediaTek power-management driver in Android before 2016-06-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 28085410...

Code injection

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...

CVE-2016-2473

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 2013 devices allows attackers to gain privileges via a crafted application, aka internal bug 27777501...

CVE-2016-2468

The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454...

Android Qualcomm Wi-Fi Driver Privilege Gain Vulnerability (CNVD-2016-03982)

Android on Nexus 7 is an open source Linux-based operating system for the Nexus 7 Tablet PC developed by Google and the Open Handheld Alliance OHA, and the Qualcomm Wi-Fi driver is a Qualcomm-developed Wi-Fi driver component used in it. Qualcomm Wi-Fi driver is one of the components used in the...

Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution

This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 except 2.3.20.2 and 2.3.24.2. Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled. This module requires Metasploit:...