3142 matches found
CVE-2016-3893
The wcdcalhwdepioctlshared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug...
Code injection
The wcdcalhwdepioctlshared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug...
CVE-2016-3893
The wcdcalhwdepioctlshared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug...
UBUNTU-CVE-2016-3899
OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not validate a certain pointer, which allows remote attackers to cause a denial of service device hang or reboot via a crafted...
CVE-2016-3893
The wcdcalhwdepioctlshared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug...
CVE-2016-3893
CVE-2016-3893 affects the Qualcomm sound codec on Android devices (Nexus 6P) prior to 2016-09-05. The vulnerability lies in the wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c, which does not properly copy firmware data, enabling a crafted application to cause information di...
Fedora 24 : chromium (2016-e9798eaaa3)
On 2016-08-04 Google released Chrome 52.0.2743.116 which fixes at least 8 security issues: CVE-2016-5141, CVE-2016-5142, CVE-2016-5139, CVE-2016-5140, CVE-2016-5145, CVE-2016-5143 and CVE-2016-5144. Additionally, this update : - Splits libmedia and libffmpeg into the libs-media subpackage, so tha...
CVE-2016-3829
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 29023649...
Multiple Cross-Site Request Forgery Vulnerabilities in Crestron Electronics DM-TXRX-100-STR
The Crestron Electronics DM-TXRX-100-STR is a multimedia streaming codec. Multiple cross-site request forgery vulnerabilities exist in the Crestron Electronics DM-TXRX-100-STR 1.3039.00040. This could allow a remote attacker to hijack the authentication of arbitrary users...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information
The vulnerability of MediaTek’s Android video codec relates to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential information through a specially created application...
CVE-2016-3812
The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832...
UBUNTU-CVE-2016-3812
The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832...
CVE-2016-3812
The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832...
Design/Logic Flaw
The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832...
CVE-2016-3812
CVE-2016-3812 describes an information-disclosure vulnerability in the MediaTek video codec driver on Android One devices, prior to 2016-07-05. A crafted app could cause data leakage to the attacker via the MediaTek/Android pipeline (Android internal bug 28174833 and MediaTek internal bug ALPS026...
Android MediaTek Video Codec Driver Information Disclosure Vulnerability
Android on Android One is a Linux-based open source operating system for Android One smartphone developed by Google and the Open Handset Alliance OHA in the U.S. MediaTek video codec driver is one of the video codec driver components developed by MediaTek. MediaTek video codec driver is a video...
openSUSE Security Update : vlc (openSUSE-2016-754)
This update for vlc to 2.2.4 to fix the following security issue : - CVE-2016-5108: Fix out-of-bound write in adpcm QT IMA codec boo984382. This also include an update of codecs and libraries to fix these 3rd party security issues : - CVE-2016-1514: Matroska libebml EbmlUnicodeString Heap...
openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-704)
This update to Mozilla Firefox 47 fixes the following issues boo983549 : Security fixes : - CVE-2016-2815/CVE-2016-2818: Miscellaneous memory safety hazards boo983638 MFSA 2016-49 - CVE-2016-2819: Buffer overflow parsing HTML5 fragments boo983655 MFSA 2016-50 - CVE-2016-2821: Use-after-free...
CVE-2016-2484
libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...
CVE-2016-2484
libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes for the GSM and G711 codecs, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...