Lucene search
K

183 matches found

Prion
Prion
added 2016/08/05 8:59 p.m.13 views

Design/Logic Flaw

decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28835995...

7.1CVSS7.1AI score0.00574EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/08/05 8:59 p.m.21 views

Design/Logic Flaw

mm-video-v4l2/vidc/venc/src/omxvideobase.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, aka internal bug 28816964...

4.6CVSS7.1AI score0.002EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/08/05 8:0 p.m.27 views

CVE-2016-3819

Integer overflow in codecs/on2/h264dec/source/h264bsddpb.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted...

9AI score0.01749EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/08/05 8:0 p.m.24 views

CVE-2016-3836

The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application, related to lack of a default constructor in include/ui/FrameStats.h, aka internal bug 28592402...

5.3AI score0.00454EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2016/08/05 8:0 p.m.43 views

CVE-2016-3822

exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data, aka internal bug...

7.8CVSS6.8AI score0.01267EPSS
Exploits0
android
android
added 2016/08/01 12:0 a.m.26 views

CVE-2016-3821

libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service NULL pointer dereference or memory corruption via a craft...

7.5CVSS8.7AI score0.01764EPSS
Exploits0References3Affected Software1
android
android
added 2016/08/01 12:0 a.m.26 views

CVE-2016-3820

The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 mishandles slice numbers, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28673410...

7.5CVSS8.7AI score0.01339EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2016/07/11 2:0 a.m.18 views

CVE-2016-3760

Bluetooth in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows local users to gain privileges by establishing a pairing that remains present during a session of the primary user, aka internal bug 27410683...

7.5CVSS7.5AI score0.00246EPSS
Exploits0References4
NVD
NVD
added 2016/07/11 1:59 a.m.18 views

CVE-2016-3755

decoder/ih264dparsepslice.c in mediaserver in Android 6.x before 2016-07-01 does not properly select concealment frames, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28470138...

7.8CVSS7.2AI score0.00679EPSS
Exploits0References2
OSV
OSV
added 2016/07/11 1:59 a.m.2 views

CVE-2016-3748

The sockets subsystem in Android 6.x before 2016-07-01 allows attackers to bypass intended system-call restrictions via a crafted application that makes an ioctl call, aka internal bug 28171804...

8.4CVSS5.8AI score0.00367EPSS
Exploits0References2
OSV
OSV
added 2016/07/11 1:59 a.m.5 views

CVE-2016-3742

decoder/ih264dprocessintramb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28165659...

9.8CVSS6.1AI score0.01075EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/07/11 1:59 a.m.20 views

CVE-2016-3743

decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 27907656...

9.8CVSS7.4AI score0.01075EPSS
Exploits0References2
Prion
Prion
added 2016/07/11 1:59 a.m.22 views

Memory corruption

The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28165661...

7.5CVSS8.2AI score0.01412EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/07/11 1:59 a.m.20 views

Memory corruption

decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 27907656...

7.5CVSS8.2AI score0.01075EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2016/07/11 1:59 a.m.28 views

CVE-2016-3748

The sockets subsystem in Android 6.x before 2016-07-01 allows attackers to bypass intended system-call restrictions via a crafted application that makes an ioctl call, aka internal bug 28171804...

8.4CVSS7.2AI score0.00367EPSS
Exploits0References2
Prion
Prion
added 2016/07/11 1:59 a.m.19 views

Memory corruption

mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28333006...

9.3CVSS8.2AI score0.01136EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/07/11 1:59 a.m.19 views

Memory corruption

decoder/ih264dprocessintramb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28165659...

7.5CVSS8.2AI score0.01075EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2016/07/11 1:59 a.m.29 views

CVE-2016-2506

DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate a certain offset value, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

10CVSS7.4AI score0.01666EPSS
Exploits0References2
Prion
Prion
added 2016/07/11 1:59 a.m.16 views

Design/Logic Flaw

decoder/ih264dparsepslice.c in mediaserver in Android 6.x before 2016-07-01 does not properly select concealment frames, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28470138...

7.8CVSS7AI score0.00679EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/07/11 1:59 a.m.20 views

Default credentials

server/LockSettingsService.java in LockSettingsService in Android 6.x before 2016-07-01 allows attackers to modify the screen-lock password or pattern via a crafted application, aka internal bug 28163930...

4.6CVSS7AI score0.00269EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder