CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6788
https://notcve.org/view.php?id=CVE-2016-6788
An elevation of privilege vulnerability in the MediaTek I2C driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31224428. • http://www.securityfocus.com/bid/94687 https://source.android.com/security/bulletin/2016-12-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 24EXPL: 0CVE-2016-6765
https://notcve.org/view.php?id=CVE-2016-6765
A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 7.0. Android ID: A-31449945. • http://www.securityfocus.com/bid/94688 https://source.android.com/security/bulletin/2016-12-01.html • CWE-19: Data Processing Errors •
CVSS: 7.1EPSS: 0%CPEs: 26EXPL: 0CVE-2016-6766
https://notcve.org/view.php?id=CVE-2016-6766
A denial of service vulnerability in libmedia and libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31318219. • http://www.securityfocus.com/bid/94688 https://source.android.com/security/bulletin/2016-12-01.html • CWE-19: Data Processing Errors •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-6768
https://notcve.org/view.php?id=CVE-2016-6768
A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31631842. • http://www.securityfocus.com/bid/94704 https://source.android.com/security/bulletin/2016-12-01.html • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 26EXPL: 0CVE-2016-6770
https://notcve.org/view.php?id=CVE-2016-6770
An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-30202228. • http://www.securityfocus.com/bid/94702 https://source.android.com/security/bulletin/2016-12-01.html • CWE-284: Improper Access Control •