Google

Android

7930 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.4

CVE-2016-0805

  • EPSS 0.13%
  • Veröffentlicht 07.02.2016 01:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.

10

CVE-2016-0804

  • EPSS 1.22%
  • Veröffentlicht 07.02.2016 01:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which a...

10

CVE-2016-0803

  • EPSS 1.22%
  • Veröffentlicht 07.02.2016 01:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a ...

8.8

CVE-2016-0802

  • EPSS 6.75%
  • Veröffentlicht 07.02.2016 01:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control me...

9.8

CVE-2016-0801

  • EPSS 51.23%
  • Veröffentlicht 07.02.2016 01:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control me...

5.3

CVE-2016-1948

  • EPSS 0.22%
  • Veröffentlicht 31.01.2016 18:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream.

4.7

CVE-2016-1943

  • EPSS 0.56%
  • Veröffentlicht 31.01.2016 18:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.

5.3

CVE-2016-1940

  • EPSS 0.32%
  • Veröffentlicht 31.01.2016 18:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.

9.3

CVE-2015-6647

  • EPSS 0.17%
  • Veröffentlicht 06.01.2016 19:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554.

7.8

CVE-2015-6646

  • EPSS 0.1%
  • Veröffentlicht 06.01.2016 19:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manage...