Google

Android

7920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2016-3887

  • EPSS 0.1%
  • Veröffentlicht 11.09.2016 21:59:31
  • Zuletzt bearbeitet 12.04.2025 10:46:40

providers/settings/SettingsProvider.java in Android 7.0 before 2016-09-01 does not properly enforce the DISALLOW_CONFIG_VPN setting, which allows attackers to bypass an intended always-on VPN state via a crafted application, aka internal bug 29899712...

7.2

CVE-2016-3886

  • EPSS 0.03%
  • Veröffentlicht 11.09.2016 21:59:30
  • Zuletzt bearbeitet 12.04.2025 10:46:40

systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tuner in Android 7.0 before 2016-09-01 does not prevent tuner changes on the lockscreen, which allows physically proximate attackers to gain privileges by modifying a setting, aka in...

9.3

CVE-2016-3885

  • EPSS 0.07%
  • Veröffentlicht 11.09.2016 21:59:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations and thread exits, which allows attackers to gain priv...

5.5

CVE-2016-3884

  • EPSS 0.09%
  • Veröffentlicht 11.09.2016 21:59:28
  • Zuletzt bearbeitet 12.04.2025 10:46:40

server/notification/NotificationManagerService.java in the Notification Manager Service in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 lacks uid checks, which allows attackers to bypass intended restrictions on method calls via a crafted ...

5.5

CVE-2016-3883

  • EPSS 0.09%
  • Veröffentlicht 11.09.2016 21:59:27
  • Zuletzt bearbeitet 12.04.2025 10:46:40

internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not properly construct warnings about premium SMS messages, which allows att...

7.1

CVE-2016-3881

  • EPSS 0.27%
  • Veröffentlicht 11.09.2016 21:59:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows remote attackers to cause a denial of se...

7.1

CVE-2016-3880

  • EPSS 0.3%
  • Veröffentlicht 11.09.2016 21:59:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to cause a denial ...

7.1

CVE-2016-3879

  • EPSS 0.27%
  • Veröffentlicht 11.09.2016 21:59:23
  • Zuletzt bearbeitet 12.04.2025 10:46:40

arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 allows remote attackers to cause a denial of service (NULL pointer dereference, and device hang or reboot) via...

7.1

CVE-2016-3878

  • EPSS 0.27%
  • Veröffentlicht 11.09.2016 21:59:22
  • Zuletzt bearbeitet 12.04.2025 10:46:40

decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of decoding zero MBs, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29493002.

10

CVE-2016-3877

  • EPSS 0.16%
  • Veröffentlicht 11.09.2016 21:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.