Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2016-2418

  • EPSS 0.2%
  • Veröffentlicht 18.04.2016 00:59:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protectio...

10

CVE-2016-2416

  • EPSS 0.29%
  • Veröffentlicht 18.04.2016 00:59:23
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive infor...

10

CVE-2016-2417

  • EPSS 13.16%
  • Veröffentlicht 18.04.2016 00:59:23
  • Zuletzt bearbeitet 12.04.2025 10:46:40

media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows attackers to obtain sensitive information from process ...

6.2

CVE-2016-2414

  • EPSS 0.5%
  • Veröffentlicht 18.04.2016 00:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider negative size values in font data, which allows remote attackers to cause a denial of service (memory corruption and reboot lo...

7.1

CVE-2016-2415

  • EPSS 0.07%
  • Veröffentlicht 18.04.2016 00:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that t...

9.3

CVE-2016-2413

  • EPSS 0.04%
  • Veröffentlicht 18.04.2016 00:59:20
  • Zuletzt bearbeitet 12.04.2025 10:46:40

media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a handle pointer, which allows attackers to gain privileges via a crafted application, as demonstrated by obtainin...

9.3

CVE-2016-2412

  • EPSS 0.04%
  • Veröffentlicht 18.04.2016 00:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows attackers to gain privileges via a crafted applicat...

9.3

CVE-2016-2411

  • EPSS 0.06%
  • Veröffentlicht 18.04.2016 00:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053.

7.4

CVE-2016-2410

  • EPSS 0.01%
  • Veröffentlicht 18.04.2016 00:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka internal bug 26291677.

9.3

CVE-2016-2409

  • EPSS 0.16%
  • Veröffentlicht 18.04.2016 00:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka internal bug 25981545.