Google

Android

8041 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-3833

  • EPSS 0.13%
  • Veröffentlicht 01.10.2015 00:59:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The getRunningAppProcesses function in services/core/java/com/android/server/am/ActivityManagerService.java in Android before 5.1.1 LMY48I allows attackers to bypass intended getRecentTasks restrictions and discover the name of the foreground applica...

10

CVE-2015-3832

  • EPSS 6.83%
  • Veröffentlicht 01.10.2015 00:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.

9.3

CVE-2015-3831

  • EPSS 0.86%
  • Veröffentlicht 01.10.2015 00:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bu...

10

CVE-2015-3829

  • EPSS 17.06%
  • Veröffentlicht 01.10.2015 00:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption)...

10

CVE-2015-3828

  • EPSS 17.06%
  • Veröffentlicht 01.10.2015 00:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbi...

9.3

CVE-2015-3827

  • EPSS 7.34%
  • Veröffentlicht 01.10.2015 00:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a d...

5

CVE-2015-3826

  • EPSS 1.44%
  • Veröffentlicht 01.10.2015 00:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to cause a deni...

10

CVE-2015-3824

  • EPSS 12.3%
  • Veröffentlicht 01.10.2015 00:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service (integer ove...

4.3

CVE-2015-1541

  • EPSS 0.06%
  • Veröffentlicht 01.10.2015 00:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The AppWidgetServiceImpl implementation in com/android/server/appwidget/AppWidgetServiceImpl.java in the Settings application in Android before 5.1.1 LMY48I allows attackers to obtain a URI permission via an application that sends an Intent with a (1...

10

CVE-2015-1539

  • EPSS 12.7%
  • Veröffentlicht 01.10.2015 00:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CV...