CVSS: 7.1EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3879
https://notcve.org/view.php?id=CVE-2016-3879
11 Sep 2016 — arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 allows remote attackers to cause a denial of service (NULL pointer dereference, and device hang or reboot) via a crafted media file, aka internal bug 29770686. arm-wt-22k/lib_src/eas_mdls.c en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 2016-09-01... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3866
https://notcve.org/view.php?id=CVE-2016-3866
11 Sep 2016 — The Qualcomm sound driver in Android before 2016-09-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28868303 and Qualcomm internal bug CR1032820. El controlador de sonido Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5X, 6 y 6P permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 28868303 y error interno de Qualcomm... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3877
https://notcve.org/view.php?id=CVE-2016-3877
11 Sep 2016 — Unspecified vulnerability in Android before 2016-09-01 has unknown impact and attack vectors. Vulnerabilidad no especificada en Android en versiones anteriores a 2016-09-01 tiene impacto y vectores de ataque desconocidos. • http://source.android.com/security/bulletin/2016-09-01.html •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3858
https://notcve.org/view.php?id=CVE-2016-3858
11 Sep 2016 — Buffer overflow in drivers/soc/qcom/subsystem_restart.c in the Qualcomm subsystem driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application that provides a long string, aka Android internal bug 28675151 and Qualcomm internal bug CR1022641. Desbordamiento de búfer en drivers/soc/qcom/subsystem_restart.c en el controlador del subsistema Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5X y 6P permite a atacantes o... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3892
https://notcve.org/view.php?id=CVE-2016-3892
11 Sep 2016 — The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 and Qualcomm internal bug CR1024197. El controlador Qualcomm SPMI en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5, 5X, 6 y 6P permite a atacantes obtener información sensible a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 28760543 y err... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3862
https://notcve.org/view.php?id=CVE-2016-3862
11 Sep 2016 — media/ExifInterface.java in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 does not properly interact with the use of static variables in libjhead_jni, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 29270469. media/ExifInterface.java en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versio... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3864
https://notcve.org/view.php?id=CVE-2016-3864
11 Sep 2016 — The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117. La capa de interfaz de radio Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5, Nexus 5X, Nexus 6, Nexus 6P y Android One permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad tam... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3871
https://notcve.org/view.php?id=CVE-2016-3871
11 Sep 2016 — Multiple buffer overflows in codecs/mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow attackers to gain privileges via a crafted application, aka internal bug 29422022. Múltiples desbordamientos de búfer en codecs/mp3dec/SoftMP3.cpp en libstagefright en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3893
https://notcve.org/view.php?id=CVE-2016-3893
11 Sep 2016 — The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29512527 and Qualcomm internal bug CR856400. La función wcdcal_hwdep_ioctl_shared en sound/soc/codecs/wcdcal-hwdep.c en el códec de sonido Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexu... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3897
https://notcve.org/view.php?id=CVE-2016-3897
11 Sep 2016 — The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 includes a password in the return value of a toString method call, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25624963. La clase WifiEnterpriseConfig en net/wifi/WifiEnterpriseConfig.java en Wi-Fi en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2,... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •