Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.48%
  • Veröffentlicht 05.08.2016 20:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, which allows attackers to bypass intended access restrictions via a crafted appli...

  • EPSS 0.41%
  • Veröffentlicht 05.08.2016 20:59:22
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 do not ensure that package data originated from the Package Manager, which allows attackers to bypass an unspecified protection mechanis...

  • EPSS 0.77%
  • Veröffentlicht 05.08.2016 20:59:21
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The telephony component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service (device crash) via a NITZ time value of 2038-01-19 or later that is mishandled...

  • EPSS 0.57%
  • Veröffentlicht 05.08.2016 20:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service (device hang or reboot) via crafted ADTS d...

  • EPSS 0.68%
  • Veröffentlicht 05.08.2016 20:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29023649.

  • EPSS 0.57%
  • Veröffentlicht 05.08.2016 20:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28835995.

  • EPSS 0.57%
  • Veröffentlicht 05.08.2016 20:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 2...

  • EPSS 0.2%
  • Veröffentlicht 05.08.2016 20:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the reply size for an AudioFlinger effect command, which allows attackers to gain privil...

  • EPSS 0.2%
  • Veröffentlicht 05.08.2016 20:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, a...

  • EPSS 0.2%
  • Veröffentlicht 05.08.2016 20:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the buffer port, which allows attackers to gain privileges via a crafted applica...