Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2016-3746

  • EPSS 0.07%
  • Veröffentlicht 11.07.2016 01:59:46
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application, as demonstra...

9.8

CVE-2016-3745

  • EPSS 0.18%
  • Veröffentlicht 11.07.2016 01:59:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple buffer overflows in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides an AudioEffect reply, as demonstrated b...

7.5

CVE-2016-3744

  • EPSS 0.15%
  • Veröffentlicht 11.07.2016 01:59:44
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the create_pbuf function in btif/src/btif_hh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to gain privileges via a crafted pairing operation, ...

9.8

CVE-2016-3743

  • EPSS 0.73%
  • Veröffentlicht 11.07.2016 01:59:43
  • Zuletzt bearbeitet 12.04.2025 10:46:40

decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka i...

9.8

CVE-2016-3742

  • EPSS 0.73%
  • Veröffentlicht 11.07.2016 01:59:42
  • Zuletzt bearbeitet 12.04.2025 10:46:40

decoder/ih264d_process_intra_mb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal b...

9.8

CVE-2016-3741

  • EPSS 1.17%
  • Veröffentlicht 11.07.2016 01:59:41
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal ...

9.3

CVE-2016-2508

  • EPSS 0.33%
  • Veröffentlicht 11.07.2016 01:59:40
  • Zuletzt bearbeitet 12.04.2025 10:46:40

media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitr...

9.3

CVE-2016-2507

  • EPSS 0.17%
  • Veröffentlicht 11.07.2016 01:59:39
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause...

10

CVE-2016-2506

  • EPSS 3.45%
  • Veröffentlicht 11.07.2016 01:59:38
  • Zuletzt bearbeitet 12.04.2025 10:46:40

DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate a certain offset value, which allows remote attackers to execute arbitrary code or caus...

9.3

CVE-2016-2505

  • EPSS 0.17%
  • Veröffentlicht 11.07.2016 01:59:37
  • Zuletzt bearbeitet 12.04.2025 10:46:40

mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted...