Google

Android

7920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2016-3927

  • EPSS 0.12%
  • Veröffentlicht 10.10.2016 10:59:31
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244.

10

CVE-2016-3926

  • EPSS 0.12%
  • Veröffentlicht 10.10.2016 10:59:30
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953.

5.5

CVE-2016-3925

  • EPSS 0.07%
  • Veröffentlicht 10.10.2016 10:59:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to cause a denial of service (blocked Wi-Fi usage) via a crafted application, aka internal bug 30230534.

5.5

CVE-2016-3924

  • EPSS 0.11%
  • Veröffentlicht 10.10.2016 10:59:28
  • Zuletzt bearbeitet 12.04.2025 10:46:40

services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate EFFECT_CMD_SET_PARAM and EFFECT_CMD_SET_PARAM_DEFERRED commands, ...

5.5

CVE-2016-3923

  • EPSS 0.08%
  • Veröffentlicht 10.10.2016 10:59:27
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115.

7.8

CVE-2016-3922

  • EPSS 0.09%
  • Veröffentlicht 10.10.2016 10:59:26
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.

9.3

CVE-2016-3921

  • EPSS 0.06%
  • Veröffentlicht 10.10.2016 10:59:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka inter...

7.1

CVE-2016-3920

  • EPSS 0.19%
  • Veröffentlicht 10.10.2016 10:59:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka inte...

5.5

CVE-2016-3918

  • EPSS 0.11%
  • Veröffentlicht 10.10.2016 10:59:22
  • Zuletzt bearbeitet 12.04.2025 10:46:40

email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read...

7.8

CVE-2016-3917

  • EPSS 0.02%
  • Veröffentlicht 10.10.2016 10:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveragi...