|
266471
|
5.5 |
MEDIUM
Local
|
google
|
android
|
service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted…
|
CWE-200
Information Exposure
|
CVE-2016-3837
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266472
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application, related to lack of …
|
CWE-200
Information Exposure
|
CVE-2016-3836
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266473
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, …
|
CWE-200
Information Exposure
|
CVE-2016-3835
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266474
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The camera APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allow attackers to bypass intended access restrictions and obtain sensitive information …
|
CWE-200
Information Exposure
|
CVE-2016-3834
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266475
|
7.8 |
HIGH
Local
|
google
|
android
|
The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, which allows attackers to bypa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3833
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266476
|
7.8 |
HIGH
Local
|
google
|
android
|
The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 do not ensure that package data originated from the Package Manager, which allows att…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3832
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266477
|
7.5 |
HIGH
Network
|
google
|
android
|
The telephony component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service (device crash) via a NITZ t…
|
CWE-20
Improper Input Validation
|
CVE-2016-3831
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266478
|
5.5 |
MEDIUM
Local
|
google
|
android
|
codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of…
|
CWE-20
Improper Input Validation
|
CVE-2016-3830
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266479
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service (device hang or reboot) vi…
|
CWE-172
Encoding Error
|
CVE-2016-3829
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266480
|
5.5 |
MEDIUM
Local
|
google
|
android
|
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service (device hang or reboot) via a…
|
CWE-172
Encoding Error
|
CVE-2016-3828
|
2024-11-21 11:50 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
