Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-2467

  • EPSS 0.04%
  • Veröffentlicht 13.06.2016 01:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010.

9.3

CVE-2016-2466

  • EPSS 0.04%
  • Veröffentlicht 13.06.2016 01:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307.

9.3

CVE-2016-2465

  • EPSS 0.04%
  • Veröffentlicht 13.06.2016 01:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865.

9.3

CVE-2016-2464

  • EPSS 0.25%
  • Veröffentlicht 13.06.2016 01:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file,...

8.4

CVE-2016-2463

  • EPSS 0.62%
  • Veröffentlicht 13.06.2016 01:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allow remote attackers to execute arbitrary code or cause a denial of ...

7.8

CVE-2016-4477

  • EPSS 0.13%
  • Veröffentlicht 09.05.2016 10:59:42
  • Zuletzt bearbeitet 12.04.2025 10:46:40

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafte...

7.6

CVE-2016-2462

  • EPSS 0.06%
  • Veröffentlicht 09.05.2016 10:59:40
  • Zuletzt bearbeitet 12.04.2025 10:46:40

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173.

7.6

CVE-2016-2461

  • EPSS 0.09%
  • Veröffentlicht 09.05.2016 10:59:39
  • Zuletzt bearbeitet 12.04.2025 10:46:40

OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 276966...

5.5

CVE-2016-2460

  • EPSS 0.07%
  • Veröffentlicht 09.05.2016 10:59:38
  • Zuletzt bearbeitet 12.04.2025 10:46:40

mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGrap...

5.5

CVE-2016-2459

  • EPSS 0.07%
  • Veröffentlicht 09.05.2016 10:59:37
  • Zuletzt bearbeitet 12.04.2025 10:46:40

mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGrap...