|
266421
|
6.8 |
MEDIUM
Physics
|
google
|
android
|
Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism by accessing (1) an external tile from a syst…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3889
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266422
|
2.1 |
LOW
Physics
|
google
|
android
|
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3888
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266423
|
7.8 |
HIGH
Local
|
google
|
android
|
providers/settings/SettingsProvider.java in Android 7.0 before 2016-09-01 does not properly enforce the DISALLOW_CONFIG_VPN setting, which allows attackers to bypass an intended always-on VPN state v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3887
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266424
|
6.8 |
MEDIUM
Physics
|
google
|
android
|
systemui/statusbar/phone/QuickStatusBarHeader.java in the System UI Tuner in Android 7.0 before 2016-09-01 does not prevent tuner changes on the lockscreen, which allows physically proximate attacker…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3886
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266425
|
7.8 |
HIGH
Local
|
google
|
android
|
debuggerd/debuggerd.cpp in Debuggerd in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles the interaction between PTRACE_ATTACH operations an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3885
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266426
|
5.5 |
MEDIUM
Local
|
google
|
android
|
server/notification/NotificationManagerService.java in the Notification Manager Service in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 lacks uid checks, which allows attackers to bypass i…
|
CWE-284
Improper Access Control
|
CVE-2016-3884
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266427
|
5.5 |
MEDIUM
Local
|
google
|
android
|
internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not properly construct wa…
|
CWE-284
Improper Access Control
|
CVE-2016-3883
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266428
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3881
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266429
|
5.5 |
MEDIUM
Local
|
google
|
android
|
Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2…
|
CWE-284
Improper Access Control
|
CVE-2016-3880
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266430
|
5.5 |
MEDIUM
Local
|
google
|
android
|
arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 allows remote attackers to cause a denial of service (NULL …
|
CWE-284
Improper Access Control
|
CVE-2016-3879
|
2024-11-21 11:50 |
2016-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
