|
266501
|
7.8 |
HIGH
Local
|
google
|
android
|
libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, whic…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0826
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266502
|
5.3 |
MEDIUM
Network
|
google
|
android
|
The Widevine Trusted Application in Android 6.0.1 before 2016-03-01 allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access, as demonstrated by obtaining…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2016-0825
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266503
|
5.3 |
MEDIUM
Network
|
google
|
android
|
libmpeg2 in libstagefright in Android 6.x before 2016-03-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via crafted Bitstream data, …
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2016-0824
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266504
|
4.0 |
MEDIUM
Local
|
google
linux
|
android
linux_kernel
|
The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by r…
|
CWE-200
Information Exposure
|
CVE-2016-0823
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266505
|
7.0 |
HIGH
Local
|
google
|
android
|
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0822
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266506
|
5.5 |
MEDIUM
Local
|
linux
google
|
linux_kernel
android
|
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, w…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2016-0821
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266507
|
7.8 |
HIGH
Local
|
google
|
android
|
The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0820
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266508
|
7.8 |
HIGH
Local
|
google
|
android
|
The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 2536…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-0819
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266509
|
5.9 |
MEDIUM
Network
|
google
|
android
|
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinctio…
|
CWE-254
CWE-345
7PK - Security Features
Insufficient Verification of Data Authenticity
|
CVE-2016-0818
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266510
|
9.8 |
CRITICAL
Network
|
google
|
android
|
mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_par…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-0816
|
2024-11-21 11:42 |
2016-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
