CVE-2016-3918
- EPSS 0.11%
- Veröffentlicht 10.10.2016 10:59:22
- Zuletzt bearbeitet 12.04.2025 10:46:40
email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read...
CVE-2016-3917
- EPSS 0.02%
- Veröffentlicht 10.10.2016 10:59:21
- Zuletzt bearbeitet 12.04.2025 10:46:40
The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveragi...
CVE-2016-3916
- EPSS 0.06%
- Veröffentlicht 10.10.2016 10:59:20
- Zuletzt bearbeitet 12.04.2025 10:46:40
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3...
CVE-2016-3915
- EPSS 0.06%
- Veröffentlicht 10.10.2016 10:59:19
- Zuletzt bearbeitet 12.04.2025 10:46:40
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3...
CVE-2016-3914
- EPSS 0.1%
- Veröffentlicht 10.10.2016 10:59:18
- Zuletzt bearbeitet 12.04.2025 10:46:40
Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application th...
CVE-2016-3913
- EPSS 0.06%
- Veröffentlicht 10.10.2016 10:59:17
- Zuletzt bearbeitet 12.04.2025 10:46:40
media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows at...
CVE-2016-3912
- EPSS 0.14%
- Veröffentlicht 10.10.2016 10:59:16
- Zuletzt bearbeitet 12.04.2025 10:46:40
The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allow attackers to gain privileges via a crafted application, aka internal bug 30202481.
CVE-2016-3911
- EPSS 0.06%
- Veröffentlicht 10.10.2016 10:59:15
- Zuletzt bearbeitet 12.04.2025 10:46:40
core/java/android/os/Process.java in Zygote in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30143607...
CVE-2016-3910
- EPSS 0.14%
- Veröffentlicht 10.10.2016 10:59:14
- Zuletzt bearbeitet 12.04.2025 10:46:40
services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3014854...
CVE-2016-3909
- EPSS 0.06%
- Veröffentlicht 10.10.2016 10:59:13
- Zuletzt bearbeitet 12.04.2025 10:46:40
The SoftMPEG4 component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal...