| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
8451 |
CVE-2016-3883 |
284 |
|
|
2016-09-11 |
2017-08-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
internal/telephony/SMSDispatcher.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not properly construct warnings about premium SMS messages, which allows attackers to spoof the premium-payment confirmation dialog via a crafted application, aka internal bug 28557603. |
|
8452 |
CVE-2016-3860 |
200 |
|
+Info |
2016-10-10 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127. |
|
8453 |
CVE-2016-3853 |
264 |
|
Bypass |
2016-08-05 |
2016-11-28 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Google Play services in Android before 2016-08-05 on Nexus devices allow local users to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26803208. |
|
8454 |
CVE-2016-3852 |
200 |
|
+Info |
2016-08-05 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29141147 and MediaTek internal bug ALPS02751738. |
|
8455 |
CVE-2016-3839 |
284 |
|
DoS |
2016-08-05 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of Bluetooth 911 functionality) via a crafted application that sends a signal to a Bluetooth process, aka internal bug 28885210. |
|
8456 |
CVE-2016-3838 |
284 |
|
DoS |
2016-08-05 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Android 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of locked-screen 911 functionality) via a crafted application that uses the app-pinning feature, aka internal bug 28761672. |
|
8457 |
CVE-2016-3837 |
200 |
|
+Info |
2016-08-05 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application that provides a MAC address with too few characters, aka internal bug 28164077. |
|
8458 |
CVE-2016-3836 |
200 |
|
+Info |
2016-08-05 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application, related to lack of a default constructor in include/ui/FrameStats.h, aka internal bug 28592402. |
|
8459 |
CVE-2016-3835 |
200 |
|
+Info |
2016-08-05 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 28920116. |
|
8460 |
CVE-2016-3834 |
200 |
|
Bypass +Info |
2016-08-05 |
2016-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The camera APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allow attackers to bypass intended access restrictions and obtain sensitive information about ANW buffer addresses via a crafted application, aka internal bug 28466701. |
|
8461 |
CVE-2016-3826 |
20 |
|
+Priv |
2016-08-05 |
2016-11-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the reply size for an AudioFlinger effect command, which allows attackers to gain privileges via a crafted application, aka internal bug 29251553. |
|
8462 |
CVE-2016-3825 |
119 |
|
Overflow +Priv |
2016-08-05 |
2016-11-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, aka internal bug 28816964. |
|
8463 |
CVE-2016-3824 |
119 |
|
Overflow +Priv |
2016-08-05 |
2016-11-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the buffer port, which allows attackers to gain privileges via a crafted application, aka internal bug 28816827. |
|
8464 |
CVE-2016-3823 |
119 |
|
Overflow +Priv |
2016-08-05 |
2016-11-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329. |
|
8465 |
CVE-2016-3816 |
200 |
|
+Info |
2016-07-10 |
2016-07-12 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The MediaTek display driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28402240. |
|
8466 |
CVE-2016-3815 |
200 |
|
+Info |
2016-07-10 |
2017-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28522274. |
|
8467 |
CVE-2016-3814 |
200 |
|
+Info |
2016-07-10 |
2017-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28193342. |
|
8468 |
CVE-2016-3813 |
200 |
|
+Info |
2016-07-10 |
2016-07-12 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Qualcomm USB driver in Android before 2016-07-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28172322 and Qualcomm internal bug CR1010222. |
|
8469 |
CVE-2016-3812 |
200 |
|
+Info |
2016-07-10 |
2016-07-12 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The MediaTek video codec driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28174833 and MediaTek internal bug ALPS02688832. |
|
8470 |
CVE-2016-3810 |
200 |
|
+Info |
2016-07-10 |
2016-07-12 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28175522 and MediaTek internal bug ALPS02694389. |
|
8471 |
CVE-2016-3809 |
200 |
|
+Info |
2016-07-10 |
2016-07-12 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522. |
|
8472 |
CVE-2016-3749 |
255 |
|
|
2016-07-10 |
2016-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
server/LockSettingsService.java in LockSettingsService in Android 6.x before 2016-07-01 allows attackers to modify the screen-lock password or pattern via a crafted application, aka internal bug 28163930. |
|
8473 |
CVE-2016-3744 |
119 |
|
Overflow +Priv |
2016-07-10 |
2016-07-11 |
4.3 |
None |
Local Network |
High |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the create_pbuf function in btif/src/btif_hh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to gain privileges via a crafted pairing operation, aka internal bug 27930580. |
|
8474 |
CVE-2016-3733 |
284 |
|
|
2017-04-20 |
2017-04-28 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber. |
|
8475 |
CVE-2016-3732 |
200 |
|
+Info |
2017-04-20 |
2017-04-27 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users. |
|
8476 |
CVE-2016-3729 |
284 |
|
|
2017-04-20 |
2017-04-27 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
The user editing form in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to edit profile fields locked by the administrator. |
|
8477 |
CVE-2016-3727 |
200 |
|
+Info |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors. |
|
8478 |
CVE-2016-3724 |
200 |
|
+Info |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration. |
|
8479 |
CVE-2016-3723 |
200 |
|
+Info |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints. |
|
8480 |
CVE-2016-3722 |
264 |
|
DoS |
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name." |
|
8481 |
CVE-2016-3721 |
17 |
|
|
2016-05-17 |
2018-01-04 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables. |
|
8482 |
CVE-2016-3718 |
20 |
|
|
2016-05-05 |
2018-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. |
|
8483 |
CVE-2016-3716 |
264 |
|
|
2016-05-05 |
2018-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. |
|
8484 |
CVE-2016-3689 |
|
|
DoS |
2016-05-02 |
2017-09-02 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface. |
|
8485 |
CVE-2016-3688 |
200 |
|
Exec Code Sql +Info |
2016-04-19 |
2016-04-28 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
SQL injection vulnerability in dotCMS before 3.5 allows remote administrators to execute arbitrary SQL commands via the c0-e3 parameter to dwr/call/plaincall/UserAjax.getUsersList.dwr. |
|
8486 |
CVE-2016-3687 |
|
|
|
2016-06-16 |
2016-06-20 |
4.0 |
None |
Remote |
High |
Not required |
Partial |
Partial |
None |
|
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in the SSO_ORIG_URI parameter. |
|
8487 |
CVE-2016-3686 |
200 |
|
+Info |
2016-04-13 |
2016-04-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 through 11.3.0 might allow remote attackers to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect. |
|
8488 |
CVE-2016-3672 |
254 |
|
Bypass |
2016-04-27 |
2018-10-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits. |
|
8489 |
CVE-2016-3670 |
79 |
|
XSS |
2016-06-13 |
2016-06-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field. |
|
8490 |
CVE-2016-3650 |
254 |
|
|
2016-06-30 |
2017-08-31 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack. |
|
8491 |
CVE-2016-3649 |
200 |
|
+Info |
2016-06-30 |
2017-08-31 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests. |
|
8492 |
CVE-2016-3648 |
254 |
|
Bypass |
2016-06-30 |
2017-08-31 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization window. |
|
8493 |
CVE-2016-3647 |
|
|
|
2016-06-30 |
2017-08-31 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request. |
|
8494 |
CVE-2016-3625 |
125 |
|
DoS |
2016-10-03 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. |
|
8495 |
CVE-2016-3622 |
369 |
|
DoS |
2016-10-03 |
2017-11-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image. |
|
8496 |
CVE-2016-3619 |
125 |
|
DoS |
2016-10-03 |
2017-09-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. |
|
8497 |
CVE-2016-3615 |
|
|
|
2016-07-21 |
2018-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML. |
|
8498 |
CVE-2016-3612 |
|
|
|
2016-07-21 |
2017-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core. |
|
8499 |
CVE-2016-3589 |
|
|
|
2016-07-21 |
2017-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Applications 12.0.1, 12.0.2, and 12.0.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. |
|
8500 |
CVE-2016-3588 |
|
|
|
2016-07-21 |
2017-08-31 |
4.9 |
None |
Remote |
Medium |
Single system |
None |
Partial |
Partial |
|
Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB. |
