CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3866
https://notcve.org/view.php?id=CVE-2016-3866
11 Sep 2016 — The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820. El controlador de sonido Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5X, 6 y 6P permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 28868303 y error interno de Qualcomm... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3877
https://notcve.org/view.php?id=CVE-2016-3877
11 Sep 2016 — Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors. Vulnerabilidad no especificada en Android en versiones anteriores a 2016-09-01 tiene impacto y vectores de ataque desconocidos. • http://source.android.com/security/bulletin/2016-09-01.html •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3858
https://notcve.org/view.php?id=CVE-2016-3858
11 Sep 2016 — Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcomm subsystem driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application that provides a long string, aka Android internal bug 28675151 and Qualcomm internal bug CR1022641. Desbordamiento de búfer en drivers/soc/qcom/subsystem_restart.c en el controlador del subsistema Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5X y 6P permite a atacantes o... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3892
https://notcve.org/view.php?id=CVE-2016-3892
11 Sep 2016 — The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 and Qualcomm internal bug CR1024197. El controlador Qualcomm SPMI en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5, 5X, 6 y 6P permite a atacantes obtener información sensible a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 28760543 y err... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3887
https://notcve.org/view.php?id=CVE-2016-3887
11 Sep 2016 — providers/settings/SettingsProvider.java in Android 7.0 before 2016-09-01 does not properly enforce the DISALLOW_CONFIG_VPN setting, which allows attackers to bypass an intended always-on VPN state via a crafted application, aka internal bug 29899712. providers/settings/SettingsProvider.java en Android 7.0 en versiones anteriores a 2016-09-01 no hace cumplir adecuadamente el ajuste DISALLOW_CONFIG_VPN, lo que permite a atacantes eludir un estado siempre destinado al VPN a través de una aplicación manipulada... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3875
https://notcve.org/view.php?id=CVE-2016-3875
11 Sep 2016 — server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the DISALLOW_SAFE_BOOT setting, which allows physically proximate attackers to bypass intended access restrictions and boot to safe mode via unspecified vectors, aka internal bug 26251884. server/wm/WindowManagerService.java en Android 6.x en versiones anteriores a 2016-09-01 no hace cumplir el ajuste DISALLOW_SAFE_BOOT, lo que permite a atacantes próximos físicamente eludir restricciones destinadas al acceso y arrancar en... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3862
https://notcve.org/view.php?id=CVE-2016-3862
11 Sep 2016 — media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 does not properly interact with the use of static variables in libjhead_jni, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 29270469. media/ExifInterface.java en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versio... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3884
https://notcve.org/view.php?id=CVE-2016-3884
11 Sep 2016 — server/notification/NotificationManagerService.java in the Notification Manager Service in Android 6.x before 2016-09-01 and 7.0 before 2016-09-01 lacks uid checks, which allows attackers to bypass intended restrictions on method calls via a crafted application, aka internal bug 29421441. server/notification/NotificationManagerService.java en el Notification Manager Service en Android 6.x en versiones anteriores a 2016-09-01 y 7.0 en versiones anteriores a 2016-09-01 carece de comprobaciones uid, lo que per... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3864
https://notcve.org/view.php?id=CVE-2016-3864
11 Sep 2016 — The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117. La capa de interfaz de radio Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5, Nexus 5X, Nexus 6, Nexus 6P y Android One permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad tam... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3871
https://notcve.org/view.php?id=CVE-2016-3871
11 Sep 2016 — Multiple buffer overflows in codecs/mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow attackers to gain privileges via a crafted application, aka internal bug 29422022. Múltiples desbordamientos de búfer en codecs/mp3dec/SoftMP3.cpp en libstagefright en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •