Lucene search
K

189 matches found

UbuntuCve
UbuntuCve
added 2016/07/11 1:59 a.m.28 views

CVE-2016-3748

The sockets subsystem in Android 6.x before 2016-07-01 allows attackers to bypass intended system-call restrictions via a crafted application that makes an ioctl call, aka internal bug 28171804...

8.4CVSS7.2AI score0.00367EPSS
Exploits0References2
Prion
Prion
added 2016/07/11 1:59 a.m.21 views

Memory corruption

The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28165661...

7.5CVSS8.2AI score0.01412EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2016/07/11 1:59 a.m.30 views

CVE-2016-2507

Integer overflow in codecs/on2/h264dec/source/h264bsdstorage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

9.3CVSS7.5AI score0.0116EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/07/11 1:0 a.m.30 views

CVE-2016-3743

decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 27907656...

8.9AI score0.01075EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/07/11 1:0 a.m.20 views

CVE-2016-3757

The printmaps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafted application that attempts to list a long name of a memory-mapped file, aka internal bug 28175237...

6.9AI score0.00217EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/07/11 1:0 a.m.33 views

CVE-2016-3741

The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 28165661...

8.9AI score0.01412EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/07/11 1:0 a.m.23 views

CVE-2016-3766

MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not check whether memory allocation succeeds, which allows remote attackers to cause a denial of service device hang or reboot via a crafted file...

7.1AI score0.01142EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2016/07/11 12:0 a.m.5 views

PT-2016-2468 · Png Development +1 · Libpng +1

Name of the Vulnerable Software and Affected Versions: libpng versions prior to 1.6.20 Android versions prior to 4.4.4 Android 5.0.x versions prior to 5.0.2 Android 5.1.x versions prior to 5.1.1 Android 6.x versions prior to 2016-07-01 Description: The issue is related to errors in the libpng...

7.8CVSS7.8AI score0.00461EPSS
Exploits0References12
android
android
added 2016/07/01 12:0 a.m.28 views

CVE-2016-3743

decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 27907656...

7.5CVSS8.4AI score0.01075EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/06/13 1:59 a.m.18 views

Integer overflow

Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media...

7.5CVSS8.2AI score0.00868EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2016/06/13 1:59 a.m.30 views

CVE-2016-2483

The mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSyste...

9.3CVSS7.3AI score0.00419EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2016/06/13 1:59 a.m.25 views

CVE-2016-2487

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 27833616...

9.3CVSS7.1AI score0.00492EPSS
Exploits0References5
Cvelist
Cvelist
added 2016/06/13 1:0 a.m.23 views

CVE-2016-2494

Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28085658...

7.7AI score0.01946EPSS
Exploits1References4
Cvelist
Cvelist
added 2016/06/13 1:0 a.m.28 views

CVE-2016-2495

SampleTable.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to cause a denial of service device hang or reboot via a crafted file, aka internal bug 28076789...

5.5AI score0.00616EPSS
Exploits0References3
NVD
NVD
added 2016/05/09 10:59 a.m.18 views

CVE-2016-2462

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data AAD array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173...

7.6CVSS6.8AI score0.00391EPSS
Exploits0References2
NVD
NVD
added 2016/05/09 10:59 a.m.32 views

CVE-2016-2429

libFLAC/streamdecoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corrupti...

10CVSS9.5AI score0.02018EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/05/09 10:59 a.m.21 views

CVE-2016-2430

libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236...

9.3CVSS7.1AI score0.00411EPSS
Exploits0References3
Prion
Prion
added 2016/05/09 10:59 a.m.18 views

Design/Logic Flaw

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data AAD array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681...

7.6CVSS7.3AI score0.00455EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/05/09 10:59 a.m.16 views

Design/Logic Flaw

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data AAD array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173...

7.6CVSS7.1AI score0.00391EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/05/09 10:0 a.m.31 views

CVE-2016-2439

Buffer overflow in btif/src/btifdm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows remote attackers to execute arbitrary code via a long PIN value, aka internal bug 27411268...

8.6AI score0.00516EPSS
Exploits0References2
Rows per page
Query Builder