CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9786
https://notcve.org/view.php?id=CVE-2014-9786
11 Jul 2016 — Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979. Desbordamiento de buffer basado en memoria dinámica en drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c en los componentes de Qualcomm en Android en versiones anteriores a 20... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.0EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3757
https://notcve.org/view.php?id=CVE-2016-3757
11 Jul 2016 — The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafted application that attempts to list a long name of a memory-mapped file, aka internal bug 28175237. NOTE: print_maps is not related to the Vic Abell lsof product. " La función print_maps en toolbox/lsof.c en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones an... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8892
https://notcve.org/view.php?id=CVE-2015-8892
11 Jul 2016 — platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998. platform/msm_shared/boot_verifier.c en los componentes de Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5X y 6P permite a atacantes eludir restricciones destinadas al acceso a través de una asimilación con datos d... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8889
https://notcve.org/view.php?id=CVE-2015-8889
11 Jul 2016 — The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices omits the recovery PIN feature, which has unspecified impact and attack vectors, aka Android internal bug 28822677 and Qualcomm internal bug CR804067. La implementación de aboot en los componentes de Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 6P omite la característica de recuperación de PIN, lo que tiene un impacto y vectores de ataque no especificados, también conocido c... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3754
https://notcve.org/view.php?id=CVE-2016-3754
11 Jul 2016 — mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not limit process-memory usage, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28615448. mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en versiones anteriores a 2016-07-01 no limita el uso del proceso de memoria, lo cual per... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-3766
https://notcve.org/view.php?id=CVE-2016-3766
11 Jul 2016 — MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not check whether memory allocation succeeds, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted file, aka internal bug 28471206. MPEG4Extractor.cpp en libstagefright en mediaserver en Android 4.x en versiones anteriores a 4.4.4, 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x e... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3768
https://notcve.org/view.php?id=CVE-2016-3768
11 Jul 2016 — The Qualcomm performance component in Android before 2016-07-05 on Nexus 5, 6, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28172137 and Qualcomm internal bug CR1010644. El componente de rendimiento Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5, 6, 5X, 6P y 7 (2013) permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno de Android 28172137 y e... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3809
https://notcve.org/view.php?id=CVE-2016-3809
11 Jul 2016 — The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522. El componente de red en Android en versiones anteriores a 2016-07-05 en dispositivos Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player y Pixel C permite a atacantes obtener información sensible a través ... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2473
https://notcve.org/view.php?id=CVE-2016-2473
13 Jun 2016 — The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27777501. El controlador Wi-Fi Qualcomm en Android en versiones anteriores a 2016-06-01 en dispositivos Nexus 7 (2013) permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27777501. • http://source.android.com/security/bulletin/2016-06-01.html •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2466
https://notcve.org/view.php?id=CVE-2016-2466
13 Jun 2016 — The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307. El controlador de sonido Qualcomm en Android en versiones anteriores a 2016-06-01 en dispositivos Nexus 6 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno 27947307. • http://source.android.com/security/bulletin/2016-06-01.html •