CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0440
https://notcve.org/view.php?id=CVE-2017-0440
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33252788. • http://www.securityfocus.com/bid/96047 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8481
https://notcve.org/view.php?id=CVE-2016-8481
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31906415. • http://www.securityfocus.com/bid/96053 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0425
https://notcve.org/view.php?id=CVE-2017-0425
An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32720785. • http://www.securityfocus.com/bid/96106 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-0409
https://notcve.org/view.php?id=CVE-2017-0409
A remote code execution vulnerability in libstagefright could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31999646. • http://www.securityfocus.com/bid/96091 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0405
https://notcve.org/view.php?id=CVE-2017-0405
A remote code execution vulnerability in Surfaceflinger could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger process. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-31960359. • http://www.securityfocus.com/bid/96048 http://www.securitytracker.com/id/1037798 https://source.android.com/security/bulletin/2017-02-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •