Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2016
CVE-2016-2439
Buffer overflow in btif/src/btif_dm.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows remote attackers to execute arbitrary code via a long PIN value, aka internal bug 27411268.
CVSS Score
8.8
EPSS Score
0.015
Published
2016-05-09
CVE-2016-2437
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27436822.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-05-09
CVE-2016-2436
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-05-09
CVE-2016-2435
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27297988.
CVSS Score
7.8
EPSS Score
0.001
Published
2016-05-09
CVE-2016-2434
The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27251090.
CVSS Score
7.8
EPSS Score
0.013
Published
2016-05-09
CVE-2016-2432
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-05-09
CVE-2016-2431
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 24968809.
CVSS Score
7.8
EPSS Score
0.012
Published
2016-05-09
CVE-2016-2430
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containing a crafted symbol name, aka internal bug 27299236.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-05-09
CVE-2016-2429
libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted media file, aka internal bug 27211885.
CVSS Score
9.8
EPSS Score
0.012
Published
2016-05-09
CVE-2016-2428
libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted media file, aka internal bug 26751339.
CVSS Score
9.8
EPSS Score
0.012
Published
2016-05-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved