CVSS: 9.3EPSS: 0%CPEs: 9EXPL: 2CVE-2016-6772 – Google Android - WifiNative::setHotlist Stack Overflow
https://notcve.org/view.php?id=CVE-2016-6772
22 Dec 2016 — An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31856351. • https://packetstorm.news/files/id/140248 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 22EXPL: 0CVE-2016-6711
https://notcve.org/view.php?id=CVE-2016-6711
13 Dec 2016 — A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593765. Una vulnerabilidad de denegación de servicio remota en libvpx en Mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a... • http://www.securityfocus.com/bid/94137 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 22EXPL: 0CVE-2016-6712
https://notcve.org/view.php?id=CVE-2016-6712
13 Dec 2016 — A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593752. Una vulnerabilidad de denegación de servicio remota en libvpx en Mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a... • http://www.securityfocus.com/bid/94137 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6699
https://notcve.org/view.php?id=CVE-2016-6699
13 Dec 2016 — A remote code execution vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Android ID: A-31373622. Una vulnerabilidad de ejecución de código remoto en libstagefright en Mediaserver en Android 7.0 en versiones anteriores a 2016-11-01 p... • http://www.securityfocus.com/bid/94157 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-6720
https://notcve.org/view.php?id=CVE-2016-6720
13 Dec 2016 — An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Android ID: A-29422020. Una vulnerabilidad de divulgación de información en libstagefright en Mediaserver en Android 4.x en ver... • http://www.securityfocus.com/bid/94143 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-6722
https://notcve.org/view.php?id=CVE-2016-6722
13 Dec 2016 — An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Android ID: A-31091777. Una vulnerabilidad de divulgación de información en libstagefright en Mediaserver en Android 4.x en ver... • http://www.securityfocus.com/bid/94143 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8967 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8967
08 Dec 2016 — arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileges, by leveraging write access. arch/arm64/kernel/sys.c en el kernel de Linux en versiones anteriores a 4.0 permiten a usuarios locales eludir el mecanismo de protección de "permisos de página estricta" y modificar la tabla de llamadas del sistema, y consecuentemente obtener privilegios, aprovechando el acceso d... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c623b33b4e9599c6ac5076f7db7369eb9869aa04 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5341 – Qualcomm Assisted-GPS Data Insecure Transmission
https://notcve.org/view.php?id=CVE-2016-5341
06 Dec 2016 — The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a denial of service (GPS signal-acquisition delay) via an incorrect xtra.bin or xtra2.bin file on a spoofed Qualcomm gpsonextra.net or izatcloud.net host, aka internal bug 31470303 and external bug 211602 (and AndroidID-7225554). El componente GPS en Android en versiones anteriores a 2016-12-05 permite a atacantes man-in-the-middle provocar una denegación de servicio (retraso de adquisición de señal GPS) a través de u... • http://source.android.com/security/bulletin/2016-12-01.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-6706 – Android IOMXNodeInstance::enableNativeBuffers Unchecked Index
https://notcve.org/view.php?id=CVE-2016-6706
02 Dec 2016 — An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Android ID: A-31385713. Una vulnerabilidad de elevación de privilegio en libstagefright en Mediaserver en Android 7.0 en versione... • https://packetstorm.news/files/id/139997 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-6703
https://notcve.org/view.php?id=CVE-2016-6703
25 Nov 2016 — A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Android runtime. Android ID: A-30765246. Una vulnerabilidad de ejecución de código remoto en la biblioteca Androi... • http://www.securityfocus.com/bid/94161 • CWE-284: Improper Access Control •