CVE-2016-3885
- EPSS 1.21%
- Veröffentlicht 11.09.2016 21:59:29
- Zuletzt bearbeitet 06.05.2026 22:30:45
debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations and thread exits, which allows attackers to gain priv...
CVE-2016-3884
- EPSS 0.44%
- Veröffentlicht 11.09.2016 21:59:28
- Zuletzt bearbeitet 06.05.2026 22:30:45
server/notification/NotificationManagerService.java in the Notification Manager Service in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 lacks uid checks, which allows attackers to bypass intended restrictions on method calls via a crafted ...
CVE-2016-3883
- EPSS 0.44%
- Veröffentlicht 11.09.2016 21:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not properly construct warnings about premium SMS messages, which allows att...
CVE-2016-3881
- EPSS 0.88%
- Veröffentlicht 11.09.2016 21:59:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows remote attackers to cause a denial of se...
CVE-2016-3880
- EPSS 0.76%
- Veröffentlicht 11.09.2016 21:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to cause a denial ...
CVE-2016-3879
- EPSS 0.71%
- Veröffentlicht 11.09.2016 21:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 allows remote attackers to cause a denial of service (NULL pointer dereference, and device hang or reboot) via...
CVE-2016-3878
- EPSS 0.7%
- Veröffentlicht 11.09.2016 21:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of decoding zero MBs, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29493002.
- EPSS 0.67%
- Veröffentlicht 11.09.2016 21:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors.
CVE-2016-3876
- EPSS 0.2%
- Veröffentlicht 11.09.2016 21:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
providers/settings/SettingsProvider.java in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the SAFE_BOOT_DISALLOWED protection mechanism and boot to safe mode via the Android Debug Bridge (adb)...
CVE-2016-3875
- EPSS 0.2%
- Veröffentlicht 11.09.2016 21:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the DISALLOW_SAFE_BOOT setting, which allows physically proximate attackers to bypass intended access restrictions and boot to safe mode via unspecified vectors, ak...