CVE-2016-3901
- EPSS 0.52%
- Veröffentlicht 10.10.2016 10:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, a...
CVE-2016-3900
- EPSS 0.56%
- Veröffentlicht 10.10.2016 10:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via...
CVE-2016-3882
- EPSS 0.44%
- Veröffentlicht 10.10.2016 10:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group o...
CVE-2016-3860
- EPSS 0.45%
- Veröffentlicht 10.10.2016 10:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29...
CVE-2015-8956
- EPSS 0.22%
- Veröffentlicht 10.10.2016 10:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluet...
CVE-2015-8955
- EPSS 0.22%
- Veröffentlicht 10.10.2016 10:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multip...
CVE-2015-8951
- EPSS 0.5%
- Veröffentlicht 10.10.2016 10:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, a...
CVE-2016-3899
- EPSS 0.7%
- Veröffentlicht 11.09.2016 21:59:44
- Zuletzt bearbeitet 06.05.2026 22:30:45
OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not validate a certain pointer, which allows remote attackers to cause a denial o...
CVE-2016-3898
- EPSS 0.42%
- Veröffentlicht 11.09.2016 21:59:43
- Zuletzt bearbeitet 06.05.2026 22:30:45
Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service (loss of locked-screen 911 TTY functionality) via a crafted application that modifies the TTY ...
CVE-2016-3897
- EPSS 0.61%
- Veröffentlicht 11.09.2016 21:59:42
- Zuletzt bearbeitet 06.05.2026 22:30:45
The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allo...