CVE-2016-3760

Bluetooth in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows local users to gain privileges by establishing a pairing that remains present during a session of the primary user, aka internal bug 27410683...

UBUNTU-CVE-2016-0849

Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...

UBUNTU-CVE-2016-2423

server/telecom/CallsManager.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider whether a device is provisioned, which allows physically proximate attackers to bypass the Factory Reset Protection protection...

PT-2016-5160 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 5.x through 6.x Description: The AES-GCM specification in RFC 5084 recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic protection mechanism and discover ...

UBUNTU-CVE-2016-0812

The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the...

PT-2016-1009 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: Android versions 5.x through 5.1.1 before LMY49F Android versions 6.0 before 2016-01-01 Description: The issue is related to insufficient access control in the Widevine QSEE TrustZone application. It allows attackers to gain privileges via a...

PT-2016-1003 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: Android versions 5.x through 5.1.1 before LMY49F Android versions 6.0 before 2016-01-01 Description: The issue is related to insufficient access control in the Widevine QSEE TrustZone application. It allows attackers to gain privileges via a...

Android Arbitrary Code Execution Vulnerability (CNVD-2015-08094)

Android is a mobile operating system based on the Linux open kernel led and developed by Google and the Open Handset Alliance. An arbitrary code execution vulnerability exists in LMY48Z in Google Android 4.4 and 5.x versions prior to 5.1.1, which allows remote attackers to execute arbitrary code ...

Google Android Skia Denial of Service Vulnerability

Google Skia is the United States Google Google company's an open source and C + + based graphics library , it can be used in Mozilla Firefox, Google Chrome and other browsers , but also available in the Android open mobile platform . A security vulnerability exists in Google Skia used in Android...