CVE-2016-0824
- EPSS 0.65%
- Veröffentlicht 12.03.2016 21:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, as demonstrated by obtaining Signature or Signature...
CVE-2016-0822
- EPSS 0.47%
- Veröffentlicht 12.03.2016 21:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.
CVE-2016-0821
- EPSS 0.38%
- Veröffentlicht 12.03.2016 21:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a pois...
CVE-2016-0820
- EPSS 0.52%
- Veröffentlicht 12.03.2016 21:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358.
CVE-2016-0819
- EPSS 0.49%
- Veröffentlicht 12.03.2016 21:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 25364034.
CVE-2016-0818
- EPSS 0.27%
- Veröffentlicht 12.03.2016 21:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA,...
- EPSS 2.82%
- Veröffentlicht 12.03.2016 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka ...
- EPSS 2.82%
- Veröffentlicht 12.03.2016 21:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of ser...
- EPSS 26.34%
- Veröffentlicht 03.03.2016 20:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other imp...
CVE-2016-0728
- EPSS 3.65%
- Veröffentlicht 08.02.2016 03:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us...