Lucene search
K

158 matches found

OSV
OSV
added 2016/04/18 12:59 a.m.3 views

UBUNTU-CVE-2016-2423

server/telecom/CallsManager.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider whether a device is provisioned, which allows physically proximate attackers to bypass the Factory Reset Protection protection...

6.1CVSS6.7AI score0.0018EPSS
Exploits0References4
OSV
OSV
added 2016/04/18 12:59 a.m.2 views

UBUNTU-CVE-2016-0836

Stack-based buffer overflow in decoder/impeg2dvld.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25812590...

7.8CVSS7.8AI score0.02245EPSS
Exploits0References4
OSV
OSV
added 2016/04/18 12:59 a.m.4 views

UBUNTU-CVE-2016-0840

Multiple stack-based buffer underflows in decoder/ih264dparsecavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26399350...

8.4CVSS7.9AI score0.01652EPSS
Exploits0References4
CNVD
CNVD
added 2016/03/16 12:0 a.m.29 views

Android MediaTek Wi-Fi Kernel Driver Privilege Gain Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, and the MediaTek Wi-Fi kernel driver is one of the Wi-Fi kernel driver components. A security vulnerability exists in the MediaTek Wi-Fi kernel driver for Android versions 6.x prio...

9.3CVSS7.7AI score0.00522EPSS
Exploits0References1
OSV
OSV
added 2016/03/12 9:59 p.m.4 views

CVE-2016-0830

btifconfig.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service memory corruption and persistent daemon crash by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration file, aka internal bu...

6.5CVSS5.8AI score0.00531EPSS
Exploits0References3
OSV
OSV
added 2016/03/12 9:59 p.m.3 views

CVE-2016-0824

libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25765591...

5.3CVSS5.8AI score0.00649EPSS
Exploits0References3
OSV
OSV
added 2016/03/12 9:59 p.m.3 views

CVE-2016-0822

The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages connlauncher access, aka internal bug 25873324...

7CVSS5.8AI score0.00465EPSS
Exploits0References2
OSV
OSV
added 2016/03/12 9:59 p.m.3 views

CVE-2016-0816

mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, related to decoder/ih264dparseislice.c and decoder/ih264dparsepslice.c, aka internal bug 25928803...

9.8CVSS6.1AI score0.02822EPSS
Exploits0References3
OSV
OSV
added 2016/03/12 9:59 p.m.2 views

UBUNTU-CVE-2016-0825

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 20860039...

5.3CVSS7.3AI score0.00486EPSS
Exploits0References3
OSV
OSV
added 2016/03/12 9:59 p.m.18 views

UBUNTU-CVE-2016-0820

The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358...

7.8CVSS7.1AI score0.00522EPSS
Exploits0References3
OSV
OSV
added 2016/02/07 1:59 a.m.5 views

CVE-2016-0811

Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, ...

7.5CVSS5.8AI score0.00675EPSS
Exploits0References2
OSV
OSV
added 2016/02/07 1:59 a.m.3 views

UBUNTU-CVE-2016-0811

Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in libmediaplayerservice in Android 6.x before 2016-02-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an improper size calculation, ...

7.5CVSS7.2AI score0.00675EPSS
Exploits0References4
OSV
OSV
added 2016/02/07 1:59 a.m.4 views

UBUNTU-CVE-2016-0812

The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the...

6.1CVSS6.7AI score0.0018EPSS
Exploits0References4
OSV
OSV
added 2016/02/07 1:59 a.m.3 views

UBUNTU-CVE-2016-0809

Use-after-free vulnerability in the wificleanup function in bcmdhd/wifihal/wifihal.cpp in Wi-Fi in Android 6.x before 2016-02-01 allows attackers to gain privileges by leveraging access to the local physical environment during execution of a crafted application, aka internal bug 25753768...

8.8CVSS7.4AI score0.00555EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2016/01/06 12:0 a.m.5 views

PT-2016-1003 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: Android versions 5.x through 5.1.1 before LMY49F Android versions 6.0 before 2016-01-01 Description: The issue is related to insufficient access control in the Widevine QSEE TrustZone application. It allows attackers to gain privileges via a...

9.3CVSS7.6AI score0.0069EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2016/01/06 12:0 a.m.8 views

PT-2016-1009 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: Android versions 5.x through 5.1.1 before LMY49F Android versions 6.0 before 2016-01-01 Description: The issue is related to insufficient access control in the Widevine QSEE TrustZone application. It allows attackers to gain privileges via a...

9.3CVSS7.5AI score0.06906EPSS
Exploits3References9
CNVD
CNVD
added 2015/12/10 12:0 a.m.6 views

Android Wi-Fi Elevation of Privilege Vulnerability

Android is a cell phone operating system based on the Linux open kernel. Wi-Fi in versions prior to Android 6.0 2015-12-01 has a security vulnerability in its implementation, which can be exploited by remote attackers to gain elevated privileges via a constructed application...

9.3CVSS7AI score0.00591EPSS
Exploits0References1
CNVD
CNVD
added 2015/11/04 12:0 a.m.6 views

Android mediaserver remote code execution vulnerability

mediaserver is a very important process in android, audio, video, camera are all related to mediaserver process. A remote code execution vulnerability exists in Android 4.4-5.1.1 and Android 6.0 versions of mediaserver. A remote attacker can exploit this vulnerability to execute arbitrary code or...

10CVSS8.5AI score0.0222EPSS
Exploits0References1
Rows per page
Query Builder