|
272601
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The Accessibility services in Android 7.0 before 2016-10-01 mishandle motion events, which allows attackers to conduct touchjacking attacks and consequently gain privileges via a crafted application,…
|
CWE-284
Improper Access Control
|
CVE-2016-3923
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272602
|
7.8 |
HIGH
Local
|
google
|
android
|
libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3922
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272603
|
7.8 |
HIGH
Local
|
google
|
android
|
libsysutils/src/FrameworkListener.cpp in Framework Listener in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to g…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3921
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272604
|
5.5 |
MEDIUM
Local
|
google
|
android
|
id3/ID3.cpp in libstagefright in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (…
|
CWE-20
Improper Input Validation
|
CVE-2016-3920
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272605
|
5.5 |
MEDIUM
Local
|
google
|
android
|
email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain …
|
CWE-200
Information Exposure
|
CVE-2016-3918
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272606
|
7.8 |
HIGH
Local
|
google
|
android
|
The fingerprint login feature in Android 6.0.1 before 2016-10-01 and 7.0 before 2016-10-01 does not track the user account during the authentication process, which allows physically proximate attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3917
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272607
|
7.8 |
HIGH
Local
|
google
|
android
|
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-3916
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272608
|
7.8 |
HIGH
Local
|
google
|
android
|
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3915
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272609
|
7.8 |
HIGH
Local
|
google
|
android
|
Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attack…
|
CWE-362
Race Condition
|
CVE-2016-3914
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272610
|
7.8 |
HIGH
Local
|
google
|
android
|
media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not valida…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-3913
|
2024-11-21 11:50 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
