CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0816
https://notcve.org/view.php?id=CVE-2017-0816
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63662938. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libeffects). • http://www.securityfocus.com/bid/101088 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0823
https://notcve.org/view.php?id=CVE-2017-0823
03 Oct 2017 — An information disclosure vulnerability in the Android system (rild). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37896655. Existe una vulnerabilidad de divulgación de información en el sistema de Android (rild). • https://android.googlesource.com/platform/hardware/ril/+/cd5f15f588a5d27e99ba12f057245bfe507f8c42 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0817
https://notcve.org/view.php?id=CVE-2017-0817
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libstagefright). • http://www.securityfocus.com/bid/101151 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0814
https://notcve.org/view.php?id=CVE-2017-0814
03 Oct 2017 — An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62800140. Existe una vulnerabilidad de divulgación de información en el media framework de Android (n/a). • http://www.securityfocus.com/bid/101151 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0827
https://notcve.org/view.php?id=CVE-2017-0827
03 Oct 2017 — An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-ALPS03353867, M-ALPS03353872. • http://www.securityfocus.com/bid/101120 •
CVSS: 9.3EPSS: 0%CPEs: 30EXPL: 0CVE-2017-0809
https://notcve.org/view.php?id=CVE-2017-0809
03 Oct 2017 — A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128. Existe una vulnerabilidad de ejecución remota de código en el media framework de Android (libstagefright). • http://www.securityfocus.com/bid/101088 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 1CVE-2015-1537
https://notcve.org/view.php?id=CVE-2015-1537
27 Sep 2017 — Integer overflow in IHDCP.cpp in the media_server component in Android allows remote attackers to execute arbitrary code via a crafted application. Un desbordamiento de enteros en el componente media_server en Android permite que los atacantes remotos ejecuten código arbitrario mediante una aplicación modificada. • http://www.securityfocus.com/bid/76670 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1526
https://notcve.org/view.php?id=CVE-2015-1526
27 Sep 2017 — The media_server component in Android allows remote attackers to cause a denial of service via a crafted application. El componente media_server en Android permite que los atacantes remotos provoquen una denegación de servicio mediante una aplicación modificada. • http://www.securityfocus.com/bid/76666 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5868
https://notcve.org/view.php?id=CVE-2016-5868
25 Sep 2017 — drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. drivers/net/ethernet/msm/rndis_ipa.c en el controlador de networking de Qualcomm en Android permite que los atacantes remotos ejecuten código arbitrario mediante una aplicación manipulada que compromete un proceso privilegiado. • http://www.securityfocus.com/bid/98197 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-11002
https://notcve.org/view.php?id=CVE-2017-11002
21 Sep 2017 — In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur. En todos los productos Qualcomm con sistemas operativos Android distribuidos desde el CAF utilizando el kernel de Linux, cuando se procesa un subcomando del fabricante, puede ocurrir una sobrelectura de búfer. • http://www.securityfocus.com/bid/100658 • CWE-125: Out-of-bounds Read •