Google

Android

8041 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-3928

  • EPSS 0.04%
  • Veröffentlicht 10.10.2016 10:59:32
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384.

10

CVE-2016-3927

  • EPSS 0.12%
  • Veröffentlicht 10.10.2016 10:59:31
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5X and 6P devices has unknown impact and attack vectors, aka internal bug 28823244.

10

CVE-2016-3926

  • EPSS 0.12%
  • Veröffentlicht 10.10.2016 10:59:30
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in a Qualcomm component in Android before 2016-10-05 on Nexus 5, 5X, 6, and 6P devices has unknown impact and attack vectors, aka internal bug 28823953.

5.5

CVE-2016-3925

  • EPSS 0.07%
  • Veröffentlicht 10.10.2016 10:59:29
  • Zuletzt bearbeitet 06.05.2026 22:30:45

server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to cause a denial of service (blocked Wi-Fi usage) via a crafted application, aka internal bug 30230534.

5.5

CVE-2016-3924

  • EPSS 0.11%
  • Veröffentlicht 10.10.2016 10:59:28
  • Zuletzt bearbeitet 06.05.2026 22:30:45

services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate EFFECT_CMD_SET_PARAM and EFFECT_CMD_SET_PARAM_DEFERRED commands, ...

5.5

CVE-2016-3923

  • EPSS 0.08%
  • Veröffentlicht 10.10.2016 10:59:27
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115.

7.8

CVE-2016-3922

  • EPSS 0.09%
  • Veröffentlicht 10.10.2016 10:59:26
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.

9.3

CVE-2016-3921

  • EPSS 0.06%
  • Veröffentlicht 10.10.2016 10:59:25
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka inter...

7.1

CVE-2016-3920

  • EPSS 0.19%
  • Veröffentlicht 10.10.2016 10:59:24
  • Zuletzt bearbeitet 06.05.2026 22:30:45

id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka inte...

5.5

CVE-2016-3918

  • EPSS 0.11%
  • Veröffentlicht 10.10.2016 10:59:22
  • Zuletzt bearbeitet 06.05.2026 22:30:45

email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read...