Lucene search
K

189 matches found

Cvelist
Cvelist
added 2016/02/07 1:0 a.m.27 views

CVE-2016-0811

Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, ...

7.8AI score0.00675EPSS
Exploits0References2
CVE
CVE
added 2016/02/07 1:0 a.m.63 views

CVE-2016-0809

CVE-2016-0809 is a use-after-free in the wifi_cleanup function of Broadcom’s Wi‑Fi driver (bcmdhd/wifi_hal/wifi_hal.cpp) used by Android 6.x. The issue could allow local privilege escalation when an attacker with physical access executes a crafted app. Affected: Android 6.x prior to 2016-02-01. R...

8.8CVSS8.5AI score0.00555EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/02/07 1:0 a.m.25 views

CVE-2016-0809

Use-after-free vulnerability in the wificleanup function in bcmdhd/wifihal/wifihal.cpp in Wi-Fi in Android 6.x before 2016-02-01 allows attackers to gain privileges by leveraging access to the local physical environment during execution of a crafted application, aka internal bug 25753768...

8.3AI score0.00555EPSS
Exploits0References2
CVE
CVE
added 2016/02/07 1:0 a.m.63 views

CVE-2016-0807

CVE-2016-0807 affects Android 6.x Debuggerd (get_build_id in elf_utils.cpp) where a crafted ELF Note Desc Size element mishandling enables privilege escalation. Root cause: improper handling in Debuggerd’s ELF note parsing. Impact: high (local attacker). Affected component: Android 6.x Debuggerd....

8.4CVSS8.1AI score0.00215EPSS
Exploits0References2Affected Software1
android
android
added 2016/02/01 12:0 a.m.37 views

CVE-2016-0804

The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary cod...

10CVSS8.8AI score0.02018EPSS
Exploits0References3Affected Software1
android
android
added 2016/02/01 12:0 a.m.40 views

CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

7.2CVSS7.6AI score0.00215EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2015/12/06 1:59 a.m.20 views

CVE-2015-6783

The FindStartOffsetOfFileInZipFile function in crazylinkerzip.cpp in crazylinker aka Crazy Linker in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP...

4.3CVSS8.8AI score0.01233EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2015/12/06 1:59 a.m.29 views

CVE-2015-6783

The FindStartOffsetOfFileInZipFile function in crazylinkerzip.cpp in crazylinker aka Crazy Linker in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP...

4.3CVSS7.2AI score0.01233EPSS
Exploits0References2
CVE
CVE
added 2015/12/06 1:0 a.m.93 views

CVE-2015-6783

CVE-2015-6783 affects Google Chrome components on Android 5.x–6.x that use Crazy Linker. The vulnerability is in crazy_linker_zip.cpp FindStartOffsetOfFileInZipFile, where EOCD record search is faulty, allowing signature-validation bypass via a crafted ZIP archive. Public docs confirm this CVE wa...

4.3CVSS8.5AI score0.01233EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder