CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2016-3868 264 +Priv 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28967028 and Qualcomm internal bug CR1032875.
352 CVE-2016-3867 264 +Priv 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897.
353 CVE-2016-3866 264 +Priv 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820.
354 CVE-2016-3865 264 +Priv 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389.
355 CVE-2016-3864 264 +Priv 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117.
356 CVE-2016-3863 284 Exec Code Overflow 2016-09-11 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in libstagefright in MediaMuxer in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to execute arbitrary code via a crafted media file, aka internal bug 29161888.
357 CVE-2016-3862 119 DoS Exec Code Overflow Mem. Corr. 2016-09-11 2016-09-12
9.3
None Remote Medium Not required Complete Complete Complete
media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 does not properly interact with the use of static variables in libjhead_jni, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 29270469.
358 CVE-2016-3861 119 DoS Exec Code Overflow 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543.
359 CVE-2016-3860 200 +Info 2016-10-10 2016-11-28
4.3
None Remote Medium Not required Partial None None
sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127.
360 CVE-2016-3859 264 +Priv 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28815326 and Qualcomm internal bug CR1034641.
361 CVE-2016-3858 119 Overflow +Priv 2016-09-11 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcomm subsystem driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application that provides a long string, aka Android internal bug 28675151 and Qualcomm internal bug CR1022641.
362 CVE-2016-3857 264 +Priv 2016-08-05 2016-08-10
9.3
None Remote Medium Not required Complete Complete Complete
The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.
363 CVE-2016-3856 19 DoS 2016-08-06 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
netd in Android before 2016-08-05 mishandles tethering and stdio streams, which allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR959631.
364 CVE-2016-3855 125 DoS 2016-08-06 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
drivers/thermal/supply_lm_core.c in the Qualcomm components in Android before 2016-08-05 does not validate a certain count parameter, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR990824.
365 CVE-2016-3854 125 DoS 2016-08-06 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326.
366 CVE-2016-3853 264 Bypass 2016-08-05 2016-11-28
4.9
None Local Low Not required None None Complete
Google Play services in Android before 2016-08-05 on Nexus devices allow local users to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 26803208.
367 CVE-2016-3852 200 +Info 2016-08-05 2016-11-28
4.3
None Remote Medium Not required Partial None None
The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29141147 and MediaTek internal bug ALPS02751738.
368 CVE-2016-3851 264 +Priv 2016-08-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941.
369 CVE-2016-3850 264 Overflow +Priv 2016-08-05 2016-11-28
6.9
None Local Medium Not required Complete Complete Complete
Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug CR945164.
370 CVE-2016-3849 264 +Priv 2016-08-05 2016-11-28
6.9
None Local Medium Not required Complete Complete Complete
The ION driver in Android before 2016-08-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28939740.
371 CVE-2016-3848 264 +Priv 2016-08-05 2016-11-28
7.6
None Remote High Not required Complete Complete Complete
The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28919417.
372 CVE-2016-3847 264 +Priv 2016-08-05 2016-11-28
6.9
None Local Medium Not required Complete Complete Complete
The NVIDIA media driver in Android before 2016-08-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28871433.
373 CVE-2016-3846 264 +Priv 2016-08-05 2016-11-28
7.6
None Remote High Not required Complete Complete Complete
The Serial Peripheral Interface driver in Android before 2016-08-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28817378.
374 CVE-2016-3845 264 +Priv 2016-08-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The video driver in the kernel in Android before 2016-08-05 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28399876.
375 CVE-2016-3844 264 +Priv 2016-08-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
mediaserver in Android before 2016-08-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28299517.
376 CVE-2016-3843 264 Exec Code +Priv 2016-08-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
Android before 2016-08-05 does not properly restrict code execution in a kernel context, which allows attackers to gain privileges via a crafted application, as demonstrated by the kernel performance subsystem and the Qualcomm performance component, aka Android internal bugs 28086229 and 29119870 and Qualcomm internal bug CR1011071.
377 CVE-2016-3842 264 +Priv 2016-08-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974.
378 CVE-2016-3841 416 DoS +Priv 2016-08-06 2016-11-28
7.2
None Local Low Not required Complete Complete Complete
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
379 CVE-2016-3840 264 Exec Code 2016-08-05 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153.
380 CVE-2016-3839 284 DoS 2016-08-05 2016-11-28
4.3
None Remote Medium Not required None None Partial
Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of Bluetooth 911 functionality) via a crafted application that sends a signal to a Bluetooth process, aka internal bug 28885210.
381 CVE-2016-3838 284 DoS 2016-08-05 2016-11-28
4.3
None Remote Medium Not required None None Partial
Android 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of locked-screen 911 functionality) via a crafted application that uses the app-pinning feature, aka internal bug 28761672.
382 CVE-2016-3837 200 +Info 2016-08-05 2016-11-28
4.3
None Remote Medium Not required Partial None None
service/jni/com_android_server_wifi_WifiNative.cpp in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application that provides a MAC address with too few characters, aka internal bug 28164077.
383 CVE-2016-3836 200 +Info 2016-08-05 2016-11-28
4.3
None Remote Medium Not required Partial None None
The SurfaceFlinger service in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to obtain sensitive information via a crafted application, related to lack of a default constructor in include/ui/FrameStats.h, aka internal bug 28592402.
384 CVE-2016-3835 200 +Info 2016-08-05 2016-11-28
4.3
None Remote Medium Not required Partial None None
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 28920116.
385 CVE-2016-3834 200 Bypass +Info 2016-08-05 2016-11-28
4.3
None Remote Medium Not required Partial None None
The camera APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allow attackers to bypass intended access restrictions and obtain sensitive information about ANW buffer addresses via a crafted application, aka internal bug 28466701.
386 CVE-2016-3833 264 Bypass 2016-08-05 2016-11-28
9.3
None Remote Medium Not required Complete Complete Complete
The Shell component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not properly manage the MANAGE_USERS and CREATE_USERS permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka internal bug 29189712.
387 CVE-2016-3832 264 Bypass 2016-08-05 2016-11-28
8.3
None Remote Medium Not required Partial Partial Complete
The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 do not ensure that package data originated from the Package Manager, which allows attackers to bypass an unspecified protection mechanism via a crafted application, aka internal bug 28795098.
388 CVE-2016-3831 20 DoS 2016-08-05 2016-11-28
5.0
None Remote Low Not required None None Partial
The telephony component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service (device crash) via a NITZ time value of 2038-01-19 or later that is mishandled by the system clock, aka internal bug 29083635, related to a "Year 2038 problem."
389 CVE-2016-3830 20 DoS 2016-08-05 2016-11-28
7.1
None Remote Medium Not required None None Complete
codecs/aacdec/SoftAAC2.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to cause a denial of service (device hang or reboot) via crafted ADTS data, aka internal bug 29153599.
390 CVE-2016-3829 172 DoS 2016-08-05 2016-11-28
7.1
None Remote Medium Not required None None Complete
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 does not initialize certain structure members, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29023649.
391 CVE-2016-3828 172 DoS 2016-08-05 2016-11-28
7.1
None Remote Medium Not required None None Complete
decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28835995.
392 CVE-2016-3827 172 DoS 2016-08-05 2016-11-28
7.1
None Remote Medium Not required None None Complete
codecs/hevcdec/SoftHEVC.cpp in libstagefright in mediaserver in Android 6.0.1 before 2016-08-01 mishandles decoder errors, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28816956.
393 CVE-2016-3826 20 +Priv 2016-08-05 2016-11-28
4.6
None Local Low Not required Partial Partial Partial
services/audioflinger/Effects.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the reply size for an AudioFlinger effect command, which allows attackers to gain privileges via a crafted application, aka internal bug 29251553.
394 CVE-2016-3825 119 Overflow +Priv 2016-08-05 2016-11-28
4.6
None Local Low Not required Partial Partial Partial
mm-video-v4l2/vidc/venc/src/omx_video_base.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allocates an incorrect amount of memory, which allows attackers to gain privileges via a crafted application, aka internal bug 28816964.
395 CVE-2016-3824 119 Overflow +Priv 2016-08-05 2016-11-28
4.6
None Local Low Not required Partial Partial Partial
omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the buffer port, which allows attackers to gain privileges via a crafted application, aka internal bug 28816827.
396 CVE-2016-3823 119 Overflow +Priv 2016-08-05 2016-11-28
4.6
None Local Low Not required Partial Partial Partial
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to gain privileges via a crafted application, aka internal bug 28815329.
397 CVE-2016-3822 119 DoS Exec Code Overflow 2016-08-05 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data, aka internal bug 28868315.
398 CVE-2016-3821 476 DoS Exec Code Mem. Corr. 2016-08-05 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory corruption) via a crafted media file, aka internal bug 28166152.
399 CVE-2016-3820 119 DoS Exec Code Overflow Mem. Corr. 2016-08-05 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
The ih264d decoder in mediaserver in Android 6.x before 2016-08-01 mishandles slice numbers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28673410.
400 CVE-2016-3819 119 DoS Exec Code Overflow Mem. Corr. 2016-08-05 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in codecs/on2/h264dec/source/h264bsd_dpb.c in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28533562.
Total number of vulnerabilities : 884   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.