Latest CVE Feed
-
9.3
HIGHCVE-2016-3915
camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 305918... Read more
Affected Products : android- EPSS Score: %0.14
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3914
Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application that mo... Read more
Affected Products : android- EPSS Score: %0.11
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3913
media/libmediaplayerservice/MediaPlayerService.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not validate a certain static_cast operation, which allows attacke... Read more
Affected Products : android- EPSS Score: %0.14
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3912
The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allow attackers to gain privileges via a crafted application, aka internal bug 30202481.... Read more
Affected Products : android- EPSS Score: %0.14
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3911
core/java/android/os/Process.java in Zygote in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30143607.... Read more
Affected Products : android- EPSS Score: %0.06
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3910
services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30148546.... Read more
Affected Products : android- EPSS Score: %0.14
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3909
The SoftMPEG4 component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug ... Read more
Affected Products : android- EPSS Score: %0.14
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-3908
The Lock Settings Service in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows attackers to remove a device's PIN or password, and consequently gain privileges, via a crafted application, aka internal bug 30003944.... Read more
Affected Products : android- EPSS Score: %0.09
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3905
CORE/HDD/src/wlan_hdd_main.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application that sends a SENDACTIONFRAME command, aka Android internal bug 28061823 and Qualcomm i... Read more
Affected Products : android- EPSS Score: %0.06
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3903
drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Andr... Read more
Affected Products : android- EPSS Score: %0.06
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-3902
drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm intern... Read more
Affected Products : android- EPSS Score: %0.09
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3901
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka An... Read more
Affected Products : android- EPSS Score: %0.06
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-3900
cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via a cr... Read more
Affected Products : android- EPSS Score: %0.14
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2016-3882
Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group or (2)... Read more
Affected Products : android- EPSS Score: %0.21
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2016-3860
sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 2932314... Read more
Affected Products : android- EPSS Score: %0.10
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
6.1
MEDIUMCVE-2015-8956
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth ... Read more
- EPSS Score: %0.04
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
7.3
HIGHCVE-2015-8955
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW... Read more
- EPSS Score: %0.06
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2015-8951
Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka An... Read more
Affected Products : android- EPSS Score: %0.06
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2015-8950
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggerin... Read more
Affected Products : linux_kernel- EPSS Score: %0.15
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025
-
7.0
HIGHCVE-2015-0572
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to ... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Oct. 10, 2016
- Modified: Apr. 12, 2025