CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6246
https://notcve.org/view.php?id=CVE-2018-6246
10 May 2018 — In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246. En Android antes del nivel de seguridad del 2018-05-05, NVIDIA Widevine Trustlet contiene una vulnerabilidad en Widevine TA en la que el software lee datos más allá del final,... • https://source.android.com/security/bulletin/pixel/2018-05-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2014-0900
https://notcve.org/view.php?id=CVE-2014-0900
20 Apr 2018 — The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure. El código Device Administrator en Android, en versiones anteriores a la 4.4.1_r1, podría permitir que los atacantes suplanten administradores de dispositivo y, consecuentemente, omitan las restricciones MDM aprovechando el error a la hora de actualizar la estructura de datos mAdminMap. • https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3164
https://notcve.org/view.php?id=CVE-2014-3164
18 Oct 2017 — cmds/servicemanager/service_manager.c in Android before commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 allows attackers to cause a denial of service (NULL pointer dereference, or out-of-bounds write) via vectors related to binder passed lengths. cmds/servicemanager/service_manager.c en Android anterior al commit 7d42a3c31ba78a418f9bdde0e0ab951469f321b5 permite que atacantes provoquen una denegación de servicio (desreferencia de puntero NULL o escritura fuera de límites) mediante vectores relacionados con l... • http://www.securityfocus.com/bid/101506 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0809
https://notcve.org/view.php?id=CVE-2017-0809
03 Oct 2017 — A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128. Existe una vulnerabilidad de ejecución remota de código en el media framework de Android (libstagefright). • http://www.securityfocus.com/bid/101088 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0814
https://notcve.org/view.php?id=CVE-2017-0814
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62800140. Existe una vulnerabilidad de divulgación de información en el media framework de Android (n/a). • http://www.securityfocus.com/bid/101151 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0815
https://notcve.org/view.php?id=CVE-2017-0815
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libeffects). • http://www.securityfocus.com/bid/101088 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0816
https://notcve.org/view.php?id=CVE-2017-0816
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63662938. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libeffects). • http://www.securityfocus.com/bid/101088 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0817
https://notcve.org/view.php?id=CVE-2017-0817
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libstagefright). • http://www.securityfocus.com/bid/101151 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0823
https://notcve.org/view.php?id=CVE-2017-0823
03 Oct 2017 — An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655. Existe una vulnerabilidad de divulgación de información en el sistema de Android (rild). • https://android.googlesource.com/platform/hardware/ril/+/cd5f15f588a5d27e99ba12f057245bfe507f8c42 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0824
https://notcve.org/view.php?id=CVE-2017-0824
03 Oct 2017 — An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001. • https://source.android.com/security/bulletin/pixel/2017-10-01 •