Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android 6.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-3743
decoder/ih264d_api.c in mediaserver in Android 6.x prior to 2016-07-01 does not initialize certain data structures, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 27907656.
Google Android 6.0.1
Google Android 6.0
7.5
CVSSv2
CVE-2016-3748
The sockets subsystem in Android 6.x prior to 2016-07-01 allows malicious users to bypass intended system-call restrictions via a crafted application that makes an ioctl call, aka internal bug 28171804.
Google Android 6.0
Google Android 6.0.1
4.6
CVSSv2
CVE-2016-3749
server/LockSettingsService.java in LockSettingsService in Android 6.x prior to 2016-07-01 allows malicious users to modify the screen-lock password or pattern via a crafted application, aka internal bug 28163930.
Google Android 6.0.1
Google Android 6.0
7.5
CVSSv2
CVE-2016-3752
internal/app/ChooserActivity.java in the ChooserTarget service in Android 6.x prior to 2016-07-01 mishandles target security checks, which allows malicious users to gain privileges via a crafted application, aka internal bug 28384423.
Google Android 6.0.1
Google Android 6.0
7.8
CVSSv2
CVE-2016-3755
decoder/ih264d_parse_pslice.c in mediaserver in Android 6.x prior to 2016-07-01 does not properly select concealment frames, which allows remote malicious users to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28470138.
Google Android 6.0
Google Android 6.0.1
3.3
CVSSv2
CVE-2016-0830
btif_config.c in Bluetooth in Android 6.x prior to 2016-03-01 allows remote malicious users to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configu...
Google Android 6.0.1
Google Android 6.0
10
CVSSv2
CVE-2016-0840
Multiple stack-based buffer underflows in decoder/ih264d_parse_cavlc.c in mediaserver in Android 6.x prior to 2016-04-01 allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26399350.
Google Android 6.0
Google Android 6.0.1
7.6
CVSSv2
CVE-2016-2461
OpenSSLCipher.java in Conscrypt in Android 6.x prior to 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows malicious users to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681.
Google Android 6.0.1
Google Android 6.0
9.3
CVSSv2
CVE-2016-2492
The MediaTek power-management driver in Android prior to 2016-06-01 on Android One devices allows malicious users to gain privileges via a crafted application, aka internal bug 28085410.
Google Android 6.0
Google Android 6.0.1
7.5
CVSSv2
CVE-2018-14066
The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affects Infinix X571 phones, as well...
Google Android 7.0
Google Android 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »