CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8937
https://notcve.org/view.php?id=CVE-2015-8937
06 Aug 2016 — drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 6, and 7 (2013) devices mishandles a socket process, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28803962 and Qualcomm internal bug CR770548. drivers/char/diag/diagchar_core.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5, 6 y 7 (2013) no maneja adecuadamente un proceso de tomas, lo que permite a ataca... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3856
https://notcve.org/view.php?id=CVE-2016-3856
06 Aug 2016 — netd in Android before 2016-08-05 mishandles tethering and stdio streams, which allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR959631. netd en Android en versiones anteriores a 2016-08-05 no maneja adecuadamente corrientes tethering y stdio, lo que permite a atacantes provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de una aplicación manipulada, también conocido como ... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3854
https://notcve.org/view.php?id=CVE-2016-3854
06 Aug 2016 — drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326. drivers/media/video/msm/msm_mctl_buf.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 no valida el modo de imagen, lo que permite a atacantes provocar una denegación... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9879
https://notcve.org/view.php?id=CVE-2014-9879
06 Aug 2016 — The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769221 and Qualcomm internal bug CR524490. El controlador mdss mdp3 en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 no valida datos de espacio de usuario, lo que permite a atacantes remotos obtener privilegios a través de una apli... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9896
https://notcve.org/view.php?id=CVE-2014-9896
06 Aug 2016 — drivers/char/adsprpc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate parameters and return values, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28767593 and Qualcomm internal bug CR551795. drivers/char/adsprpc.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 y 7 (2013) no valida adecuadamente parámetros y valores de retorno... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3852
https://notcve.org/view.php?id=CVE-2016-3852
05 Aug 2016 — The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29141147 and MediaTek internal bug ALPS02751738. El controlador Wi-Fi de MediaTek en Android en versiones anteriores a 2016-08-05 en dispositivos Android One permite a atacantes obtener información sensible a través de una aplicación manipulada, también conocido como error interno de Android 29141147 y error interno de MediaTek ALP... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3824
https://notcve.org/view.php?id=CVE-2016-3824
05 Aug 2016 — omx/OMXNodeInstance.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 does not validate the buffer port, which allows attackers to gain privileges via a crafted application, aka internal bug 28816827. omx/OMXNodeInstance.cpp en libstagefright en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 2016-08-01 no v... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3840
https://notcve.org/view.php?id=CVE-2016-3840
05 Aug 2016 — Conscrypt in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-05 does not properly identify session reuse, which allows remote attackers to execute arbitrary code via unspecified vectors, aka internal bug 28751153. Conscrypt en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 2016-08-05 no identifica adecuadamente la reutilización de sesión, lo que permite a atacan... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3821
https://notcve.org/view.php?id=CVE-2016-3821
05 Aug 2016 — libmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory corruption) via a crafted media file, aka internal bug 28166152. libmedia en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones ant... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3839
https://notcve.org/view.php?id=CVE-2016-3839
05 Aug 2016 — Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to cause a denial of service (loss of Bluetooth 911 functionality) via a crafted application that sends a signal to a Bluetooth process, aka internal bug 28885210. Bluetooth en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 2016-08-01 permite a atacantes provocar una denegación de s... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-284: Improper Access Control •