|
268291
|
- |
|
google
|
android
|
SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6621
|
2024-11-21 11:35 |
2015-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268292
|
- |
|
google
|
android
|
libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem acce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6620
|
2024-11-21 11:35 |
2015-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268293
|
- |
|
google
|
android
|
The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, aka internal bug 23520714.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6619
|
2024-11-21 11:35 |
2015-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268294
|
- |
|
google
|
android
|
Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to execute arbitrary code by leveraging access to the local physical environment, aka internal bug 24595992.
|
CWE-254
7PK - Security Features
|
CVE-2015-6618
|
2024-11-21 11:35 |
2015-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268295
|
- |
|
google
|
android
|
Skia, as used in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, ak…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6617
|
2024-11-21 11:35 |
2015-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268296
|
- |
|
google
|
android
|
mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6616
|
2024-11-21 11:35 |
2015-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268297
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2015-6787
|
2024-11-21 11:35 |
2015-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268298
|
- |
|
google
|
chrome
|
The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6786
|
2024-11-21 11:35 |
2015-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268299
|
- |
|
google
|
chrome
|
The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6785
|
2024-11-21 11:35 |
2015-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268300
|
- |
|
google
|
chrome
|
The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafte…
|
CWE-20
Improper Input Validation
|
CVE-2015-6784
|
2024-11-21 11:35 |
2015-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
