CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6696
https://notcve.org/view.php?id=CVE-2016-6696
10 Oct 2016 — sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 allows attackers to cause a denial of service or possibly have unspecified other impact via a large negative value for the data length, aka Qualcomm internal bug CR 1041130. sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c en un controlador Qualcomm QDSP6v2 en Android en versiones anteriores a 2016-10-05 permite a atacantes provocar una denegación de servicio o tener otro posible impacto no especificado a través d... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3911
https://notcve.org/view.php?id=CVE-2016-3911
10 Oct 2016 — core/java/android/os/Process.java in Zygote in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30143607. core/java/android/os/Process.java en Zygote en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1, 6.x en versiones anteriores a 2016-10-01 y 7.0 en versiones anteriores a 2016-10-01 permit... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3936
https://notcve.org/view.php?id=CVE-2016-3936
10 Oct 2016 — The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019037 and MediaTek internal bug ALPS02829568. El controlador de video MediaTek en Android en versiones anteriores a 2016-10-05 permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 30019037 y error interno de MediaTek ALPS02829568. • http://source.android.com/security/bulletin/2016-10-01.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2016-6689 – Google Android - Binder Generic ASLR Leak
https://notcve.org/view.php?id=CVE-2016-6689
10 Oct 2016 — Binder in the kernel in Android before 2016-10-05 on Nexus devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30768347. El enlazador en el kernel en Android en versiones anteriores a 2016-10-05 en dispositivos Nexus permite a atacantes obtener información sensible a través de una aplicación manipulada, vulnerabilidad también conocida como error interno 30768347. The interaction between the kernel /dev/binder and the usermode Parcel.cpp mean that when a binde... • https://packetstorm.news/files/id/139111 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6687
https://notcve.org/view.php?id=CVE-2016-6687
10 Oct 2016 — The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 30162222. El generador de perfiles de NVIDIA en Android en versiones anteriores a 2016-10-05 en dispositivos Nexus 9 permite a atacantes obtener información sensible a través de una aplicación manipulada, vulnerabilidad también conocida como error interno 30162222. • http://source.android.com/security/bulletin/2016-10-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3933
https://notcve.org/view.php?id=CVE-2016-3933
10 Oct 2016 — mediaserver in Android before 2016-10-05 on Nexus 9 and Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 29421408. mediaserver en Android en versiones anteriores a 2016-10-05 en dispositivos Nexus 9 y Pixel C permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno 29421408. • http://source.android.com/security/bulletin/2016-10-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3935
https://notcve.org/view.php?id=CVE-2016-3935
10 Oct 2016 — Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999665 and Qualcomm internal bug CR 1046507. Múltiples desbordamientos de entero en drivers/crypto/msm/qcedev.c en el controlador de motor criptográfico de Qualcomm en Android en versiones anteriores a 2016-10-05 en dispositivos Nexus 5... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3914
https://notcve.org/view.php?id=CVE-2016-3914
10 Oct 2016 — Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application that modifies a database between two open operations, aka internal bug 30481342. Condición de carrera en providers/telephony/MmsProvider.java en Telephony en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones ant... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3916
https://notcve.org/view.php?id=CVE-2016-3916
10 Oct 2016 — camera/src/camera_metadata.c in the Camera service in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30741779. camera/src/camera_metadata.c en el servicio Camera en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1, 6.x en versiones anteriores a 2016-10-01 y 7.0 en versiones anteriores a 201... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6676
https://notcve.org/view.php?id=CVE-2016-6676
10 Oct 2016 — Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application that makes a GET_CFG ioctl call, aka Android internal bug 30874066 and Qualcomm internal bug CR 1000853. Error por un paso en CORE/HDD/src/wlan_hdd_cfg.c en el controlador Wi-Fi de Qualcomm en Android en versiones anteriores a 2016-10-05 en dispositivos Nexus 5... • http://source.android.com/security/bulletin/2016-10-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •