CVE-2016-3925
- EPSS 0.36%
- Veröffentlicht 10.10.2016 10:59:29
- Zuletzt bearbeitet 06.05.2026 22:30:45
server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to cause a denial of service (blocked Wi-Fi usage) via a crafted application, aka internal bug 30230534.
CVE-2016-3924
- EPSS 0.45%
- Veröffentlicht 10.10.2016 10:59:28
- Zuletzt bearbeitet 06.05.2026 22:30:45
services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate EFFECT_CMD_SET_PARAM and EFFECT_CMD_SET_PARAM_DEFERRED commands, ...
CVE-2016-3923
- EPSS 0.49%
- Veröffentlicht 10.10.2016 10:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application, aka internal bug 30647115.
CVE-2016-3922
- EPSS 0.39%
- Veröffentlicht 10.10.2016 10:59:26
- Zuletzt bearbeitet 06.05.2026 22:30:45
libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.
CVE-2016-3921
- EPSS 0.53%
- Veröffentlicht 10.10.2016 10:59:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka inter...
CVE-2016-3920
- EPSS 0.72%
- Veröffentlicht 10.10.2016 10:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka inte...
CVE-2016-3918
- EPSS 0.46%
- Veröffentlicht 10.10.2016 10:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read...
CVE-2016-3917
- EPSS 0.19%
- Veröffentlicht 10.10.2016 10:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attackers to authenticate as an arbitrary user by leveragi...
CVE-2016-3916
- EPSS 0.53%
- Veröffentlicht 10.10.2016 10:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3...
CVE-2016-3915
- EPSS 0.53%
- Veröffentlicht 10.10.2016 10:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 3...