Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.9%
  • Veröffentlicht 12.03.2016 21:59:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvp...

  • EPSS 0.18%
  • Veröffentlicht 12.03.2016 21:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042.

  • EPSS 0.53%
  • Veröffentlicht 12.03.2016 21:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the max...

  • EPSS 0.48%
  • Veröffentlicht 12.03.2016 21:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitiv...

  • EPSS 0.75%
  • Veröffentlicht 12.03.2016 21:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows a...

  • EPSS 0.55%
  • Veröffentlicht 12.03.2016 21:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureO...

  • EPSS 0.75%
  • Veröffentlicht 12.03.2016 21:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitiv...

  • EPSS 0.57%
  • Veröffentlicht 12.03.2016 21:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted...

  • EPSS 0.49%
  • Veröffentlicht 12.03.2016 21:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining Signature or SignatureOrSystem access, aka interna...

  • EPSS 0.31%
  • Veröffentlicht 12.03.2016 21:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 257...