Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.17%
  • Veröffentlicht 18.04.2016 00:59:27
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26154410.

  • EPSS 0.47%
  • Veröffentlicht 18.04.2016 00:59:26
  • Zuletzt bearbeitet 06.05.2026 22:30:45

rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to gain privileges via a crafted application, aka internal bug 26403620.

  • EPSS 0.8%
  • Veröffentlicht 18.04.2016 00:59:25
  • Zuletzt bearbeitet 06.05.2026 22:30:45

media/libmedia/IDrm.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize a certain key-request data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified prote...

  • EPSS 0.8%
  • Veröffentlicht 18.04.2016 00:59:24
  • Zuletzt bearbeitet 06.05.2026 22:30:45

media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01 does not initialize certain metadata buffer pointers, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protectio...

  • EPSS 1.06%
  • Veröffentlicht 18.04.2016 00:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libs/gui/BufferQueueConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for the android.permission.DUMP permission, which allows attackers to obtain sensitive infor...

  • EPSS 5.32%
  • Veröffentlicht 18.04.2016 00:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows attackers to obtain sensitive information from process ...

  • EPSS 0.41%
  • Veröffentlicht 18.04.2016 00:59:21
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider negative size values in font data, which allows remote attackers to cause a denial of service (memory corruption and reboot lo...

  • EPSS 0.43%
  • Veröffentlicht 18.04.2016 00:59:21
  • Zuletzt bearbeitet 06.05.2026 22:30:45

exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that t...

  • EPSS 0.47%
  • Veröffentlicht 18.04.2016 00:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a handle pointer, which allows attackers to gain privileges via a crafted application, as demonstrated by obtainin...

  • EPSS 0.47%
  • Veröffentlicht 18.04.2016 00:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows attackers to gain privileges via a crafted applicat...