CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3873
https://notcve.org/view.php?id=CVE-2016-3873
11 Sep 2016 — The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457. El kernel de NVIDIA en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 9 permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno 29518457. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3874
https://notcve.org/view.php?id=CVE-2016-3874
11 Sep 2016 — CORE/HDD/src/wlan_hdd_wext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WE_UNIT_TEST_CMD command, aka Android internal bug 29944562 and Qualcomm internal bug CR997797. CORE/HDD/src/wlan_hdd_wext.c en el controlador Wi-Fi Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5X no valida correctamente los argumentos array,... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.6EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3890
https://notcve.org/view.php?id=CVE-2016-3890
11 Sep 2016 — The Java Debug Wire Protocol (JDWP) implementation in adb/sockets.cpp in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-09-01 mishandles socket close operations, which allows attackers to gain privileges via a crafted application, aka internal bug 28347842. La implementación del Java Debug Wire Protocol (JDWP) en adb/sockets.cpp en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versione... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3859
https://notcve.org/view.php?id=CVE-2016-3859
11 Sep 2016 — The Qualcomm camera driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28815326 and Qualcomm internal bug CR1034641. El controlador de la cámara Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5, 5X, 6 y 6P permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 28815326 y error interno d... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3867
https://notcve.org/view.php?id=CVE-2016-3867
11 Sep 2016 — The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897. El controlador del IPA Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5X y 6P permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 28919863 y error interno de Qualcomm CR1037897. • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3863
https://notcve.org/view.php?id=CVE-2016-3863
11 Sep 2016 — Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in libstagefright in MediaMuxer in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to execute arbitrary code via a crafted media file, aka internal bug 29161888. Múltiples desbordamientos de búfer basados en pila en la implementación de reensamblaje AVCC en Utils.cpp en libstagefright en MediaMuxer en Android 4.x en versiones anter... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3880
https://notcve.org/view.php?id=CVE-2016-3880
11 Sep 2016 — Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 25747670. Múltiples desbordamientos de búfer en rtsp/ASessionDescription.cpp en libstagefright en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anterio... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-284: Improper Access Control •
CVSS: 2.1EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3888
https://notcve.org/view.php?id=CVE-2016-3888
11 Sep 2016 — internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Setup Wizard provisioning stage, via unspecified vectors, aka internal bug 29420123. internal/telephony/SMSDispatcher.java en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x ... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0CVE-2016-3899
https://notcve.org/view.php?id=CVE-2016-3899
11 Sep 2016 — OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not validate a certain pointer, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 29421811. OMXCodec.cpp en libstagefright en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1, 6.x... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3868
https://notcve.org/view.php?id=CVE-2016-3868
11 Sep 2016 — The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28967028 and Qualcomm internal bug CR1032875. El controlador de energía Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 5X y 6P permite a atacantes obtener privilegios a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 28967028 y error interno de Qualcomm CR103... • http://source.android.com/security/bulletin/2016-09-01.html • CWE-264: Permissions, Privileges, and Access Controls •