|
266411
|
7.8 |
HIGH
Local
|
libtiff
oracle
|
libtiff
vm_server
|
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
|
CWE-787
Out-of-bounds Write
|
CVE-2016-3632
|
2024-11-21 11:50 |
2016-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266412
|
5.5 |
MEDIUM
Local
|
google
|
android
|
OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not validate a certain pointer…
|
CWE-284
Improper Access Control
|
CVE-2016-3899
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266413
|
5.5 |
MEDIUM
Local
|
google
|
android
|
Telephony in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows attackers to cause a denial of service (loss of locked-screen 911 TTY functionalit…
|
CWE-284
Improper Access Control
|
CVE-2016-3898
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266414
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the…
|
CWE-200
Information Exposure
|
CVE-2016-3897
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266415
|
5.5 |
MEDIUM
Local
|
google
|
android
|
AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 allows attackers to obtain sensitive EmailAccountCacheProvider information via a crafted appli…
|
CWE-200
Information Exposure
|
CVE-2016-3896
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266416
|
5.5 |
MEDIUM
Local
|
google
|
android
|
Integer overflow in the Region::unflatten function in libs/ui/Region.cpp in mediaserver in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows attackers to obtain sensitive information via…
|
CWE-200
CWE-190
Information Exposure
Integer Overflow or Wraparound
|
CVE-2016-3895
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266417
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29618014 and Qualcomm i…
|
CWE-200
Information Exposure
|
CVE-2016-3894
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266418
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allo…
|
CWE-200
Information Exposure
|
CVE-2016-3893
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266419
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 a…
|
CWE-200
Information Exposure
|
CVE-2016-3892
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266420
|
7.0 |
HIGH
Local
|
google
|
android
|
The Java Debug Wire Protocol (JDWP) implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3890
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
