CVSS: 9.3EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0745
https://notcve.org/view.php?id=CVE-2017-0745
09 Aug 2017 — A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296. Existe una vulnerabilidad de ejecución remota de código en el media framework de Android (avc decoder). • http://www.securityfocus.com/bid/100204 • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0746
https://notcve.org/view.php?id=CVE-2017-0746
09 Aug 2017 — A elevation of privilege vulnerability in the Qualcomm ipa driver. Product: Android. Versions: Android kernel. Android ID: A-35467471. References: QC-CR#2029392. • http://www.securityfocus.com/bid/100213 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0747
https://notcve.org/view.php?id=CVE-2017-0747
09 Aug 2017 — A elevation of privilege vulnerability in the Qualcomm proprietary component. Product: Android. Versions: Android kernel. Android ID: A-32524214. References: QC-CR#2044821. • http://www.securityfocus.com/bid/100213 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0749
https://notcve.org/view.php?id=CVE-2017-0749
09 Aug 2017 — A elevation of privilege vulnerability in the Upstream Linux linux kernel. Product: Android. Versions: Android kernel. Android ID: A-36007735. Existe una vulnerabilidad de elevación de privilegios en el kernel linux en Upstream Linux. • http://www.securityfocus.com/bid/100215 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0750 – Ubuntu Security Notice USN-3583-1
https://notcve.org/view.php?id=CVE-2017-0750
09 Aug 2017 — A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013. Existe una vulnerabilidad de elevación de privilegios en el sistema de archivos Upstream Linux. • http://www.securityfocus.com/bid/100215 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-3839
https://notcve.org/view.php?id=CVE-2015-3839
07 Aug 2017 — The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). La función updateMessageStatus en Android 5.1.1 y anteriores permite que usuarios locales provoquen una denegación de servicio (excepción de puntero nulo y caída de procesos). • https://github.com/mabin004/cve-2015-3839_PoC • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2278
https://notcve.org/view.php?id=CVE-2017-2278
02 Aug 2017 — The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Las versiones 2.0.3 y anteriores de la aplicación RBB SPEED TEST App para Android, así como las versiones 2.1.0 y anteriores para iOS no verifican certificados X.509 desde servidores SSL. Esto permite a los atacantes que reali... • http://www.iid.co.jp/information/170714.html • CWE-295: Improper Certificate Validation •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6249
https://notcve.org/view.php?id=CVE-2017-6249
13 Jul 2017 — An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34373711. • http://www.securityfocus.com/bid/99616 •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2017-3748
https://notcve.org/view.php?id=CVE-2017-3748
29 Jun 2017 — On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device). En los teléfonos móviles Lenovo VIBE, los controles de acceso incorrectos en el componente nac_server puede emplearse junto con CVE-2017-3749 y CVE-2017-3750 para elevar los privilegios a usuario root (conocido comúnmente como "rooting" o "jail breaking" de un disp... • http://www.securityfocus.com/bid/99295 •
CVSS: 6.9EPSS: 0%CPEs: 21EXPL: 0CVE-2017-3749
https://notcve.org/view.php?id=CVE-2017-3749
29 Jun 2017 — On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750. En los teléfonos móviles Lenovo VIBE, la aplicación de Android Idea Friend permite que los datos privados se copien y restauren mediante Android Debug Bridge, lo que permite la falsificación que conduce a un escalado de privilegios junto con CVE-2017-3748 y CVE-2... • https://support.lenovo.com/us/en/product_security/LEN-15823 •