Google

Android

8032 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2016-3743

  • EPSS 0.73%
  • Veröffentlicht 11.07.2016 01:59:43
  • Zuletzt bearbeitet 12.04.2025 10:46:40

decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka i...

9.8

CVE-2016-3742

  • EPSS 0.73%
  • Veröffentlicht 11.07.2016 01:59:42
  • Zuletzt bearbeitet 12.04.2025 10:46:40

decoder/ih264d_process_intra_mb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal b...

9.8

CVE-2016-3741

  • EPSS 1.17%
  • Veröffentlicht 11.07.2016 01:59:41
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The H.264 decoder in mediaserver in Android 6.x before 2016-07-01 does not initialize certain slice data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal ...

9.3

CVE-2016-2508

  • EPSS 0.33%
  • Veröffentlicht 11.07.2016 01:59:40
  • Zuletzt bearbeitet 12.04.2025 10:46:40

media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitr...

9.3

CVE-2016-2507

  • EPSS 0.17%
  • Veröffentlicht 11.07.2016 01:59:39
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in codecs/on2/h264dec/source/h264bsd_storage.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to execute arbitrary code or cause...

10

CVE-2016-2506

  • EPSS 3.45%
  • Veröffentlicht 11.07.2016 01:59:38
  • Zuletzt bearbeitet 12.04.2025 10:46:40

DRMExtractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate a certain offset value, which allows remote attackers to execute arbitrary code or caus...

9.3

CVE-2016-2505

  • EPSS 0.17%
  • Veröffentlicht 11.07.2016 01:59:37
  • Zuletzt bearbeitet 12.04.2025 10:46:40

mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted...

9.3

CVE-2016-2503

  • EPSS 0.04%
  • Veröffentlicht 11.07.2016 01:59:36
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067.

9.3

CVE-2016-2502

  • EPSS 0.04%
  • Veröffentlicht 11.07.2016 01:59:35
  • Zuletzt bearbeitet 12.04.2025 10:46:40

drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a large size in a GSER_IOCTL ioctl call, aka Android internal bug 27657963 and Qualcomm internal ...

9.3

CVE-2016-2501

  • EPSS 0.04%
  • Veröffentlicht 11.07.2016 01:59:34
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Qualcomm internal bug CR1001092.