CVSS: 5.5EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0602
https://notcve.org/view.php?id=CVE-2017-0602
12 May 2017 — An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34946955. • http://www.securityfocus.com/bid/98141 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0600
https://notcve.org/view.php?id=CVE-2017-0600
12 May 2017 — A remote denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35269635. • https://android.googlesource.com/platform/frameworks/av/+/961e5ac5788b52304e64b9a509781beaf5201fb0 •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0619
https://notcve.org/view.php?id=CVE-2017-0619
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. • http://www.securityfocus.com/bid/98192 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10281
https://notcve.org/view.php?id=CVE-2016-10281
12 May 2017 — An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175647. • http://www.securityfocus.com/bid/98158 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2015-9004
https://notcve.org/view.php?id=CVE-2015-9004
02 May 2017 — kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions. kernel/events/core.c en el kernel de Linux anterior a la versión 3.19 no gestiona correctamente el contador grouping, lo que permite a usuarios locales escalar privilegios a través de una aplicación especialmente diseñada para provechar el fallo, relacionado con la apertura de funciones the per... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0331
https://notcve.org/view.php?id=CVE-2017-0331
02 May 2017 — An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.6EPSS: 0%CPEs: 11EXPL: 0CVE-2014-9940 – Ubuntu Security Notice USN-3343-2
https://notcve.org/view.php?id=CVE-2014-9940
02 May 2017 — The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. La función regulator_ena_gpio_free en drivers/regulator/core.c en el kernel de Linux anterior a la versión 3.19 permite a usuarios locales elevar sus privilegios o provocar una denegación de servicio (uso después de liberación) a través de una aplicación especialmente diseñada para aprovechar el fallo. ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2433
https://notcve.org/view.php?id=CVE-2016-2433
21 Apr 2017 — The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. El controlador Broadcom Wi-Fi para Android, tal como se usa por BlackBerry smartphones en versiones anteriores a Build AAE570, permite a los atacantes remotos ejecutar el código arbitrario dentro del contexto del kernel. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038167 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6726
https://notcve.org/view.php?id=CVE-2016-6726
17 Apr 2017 — Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. Vulnerabilidad no especificada en componentes Qualcomm en Android en Nexus 6 y dispositivos Android One. • http://www.securityfocus.com/bid/94133 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6727
https://notcve.org/view.php?id=CVE-2016-6727
17 Apr 2017 — The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. El subsistema Qualcomm GPS en Android en dispositivos Android One permite a atacantes remotos ejecutar código arbitrario. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038666 • CWE-264: Permissions, Privileges, and Access Controls •