CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2278
https://notcve.org/view.php?id=CVE-2017-2278
The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Las versiones 2.0.3 y anteriores de la aplicación RBB SPEED TEST App para Android, así como las versiones 2.1.0 y anteriores para iOS no verifican certificados X.509 desde servidores SSL. Esto permite a los atacantes que realicen Man-in-the-Middle (MitM) suplantar servidores y obtener información sensible utilizando un certificado manipulado. • http://www.iid.co.jp/information/170714.html https://jvn.jp/en/jp/JVN24238648/index.html • CWE-295: Improper Certificate Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10398
https://notcve.org/view.php?id=CVE-2016-10398
Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens (AuthTokens) used by the Trusted Execution Environment (TEE) are protected by a weak challenge. This allows adversaries to replay previously captured responses and use the TEE without authenticating. All apps using authentication-gated cryptography are vulnerable to this attack, which was confirmed on the LG Nexus 5X. Android versión 6.0, presenta un bypass de autenticación para los atacantes con acceso root y físico. • https://homepages.staff.os3.nl/~delaat/rp/2015-2016/p30/report.pdf • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6249
https://notcve.org/view.php?id=CVE-2017-6249
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34373711. • http://www.securityfocus.com/bid/99616 http://www.securitytracker.com/id/1038623 https://source.android.com/security/bulletin/2017-06-01 •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7953
https://notcve.org/view.php?id=CVE-2014-7953
Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000. Condición de carrera en el método bindBackupAgent en el ActivityManagerService en Android 4.4.4 permite a los usuarios locales con un shell adb ejecutar un código arbitrario o cualquier paquete válido como sistema mediante la ejecución de "pm install " con un objetivo apk, y simultáneamente ejecutando un script manipulado al proceso de salida de logcat buscando la línea dexopt, el cual una vez encontrada debiera ejecutar bindBackupAgent con el miembro uid de los parámetros puesto a 1000 de ApplicationInfo. • http://seclists.org/fulldisclosure/2015/Apr/52 http://www.securityfocus.com/archive/1/535296/100/1100/threaded http://www.securityfocus.com/bid/74213 https://android.googlesource.com/platform/frameworks/base/+/a8f6d1b%5E%21 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0326
https://notcve.org/view.php?id=CVE-2017-0326
An information disclosure vulnerability in the NVIDIA Video Driver due to an out-of-bounds read function in the Tegra Display Controller driver could result in possible information disclosure. This issue is rated as Moderate. Product: Android. Version: N/A. Android ID: A-33718700. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 http://www.securityfocus.com/bid/99477 https://source.android.com/security/bulletin/2017-07-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •