CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0615
https://notcve.org/view.php?id=CVE-2017-0615
12 May 2017 — An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34259126. • http://www.securityfocus.com/bid/98188 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0616
https://notcve.org/view.php?id=CVE-2017-0616
12 May 2017 — An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34470286. • http://www.securityfocus.com/bid/98189 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0617
https://notcve.org/view.php?id=CVE-2017-0617
12 May 2017 — An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34471002. • http://www.securityfocus.com/bid/98190 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0618
https://notcve.org/view.php?id=CVE-2017-0618
12 May 2017 — An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-35100728. • http://www.securityfocus.com/bid/98191 •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0619
https://notcve.org/view.php?id=CVE-2017-0619
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. • http://www.securityfocus.com/bid/98192 •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0620
https://notcve.org/view.php?id=CVE-2017-0620
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35401052. • http://www.securityfocus.com/bid/98193 • CWE-20: Improper Input Validation CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0625
https://notcve.org/view.php?id=CVE-2017-0625
12 May 2017 — An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-35142799. • http://www.securityfocus.com/bid/98201 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 11EXPL: 0CVE-2014-9940 – Ubuntu Security Notice USN-3343-2
https://notcve.org/view.php?id=CVE-2014-9940
02 May 2017 — The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. La función regulator_ena_gpio_free en drivers/regulator/core.c en el kernel de Linux anterior a la versión 3.19 permite a usuarios locales elevar sus privilegios o provocar una denegación de servicio (uso después de liberación) a través de una aplicación especialmente diseñada para aprovechar el fallo. ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2015-9004
https://notcve.org/view.php?id=CVE-2015-9004
02 May 2017 — kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions. kernel/events/core.c en el kernel de Linux anterior a la versión 3.19 no gestiona correctamente el contador grouping, lo que permite a usuarios locales escalar privilegios a través de una aplicación especialmente diseñada para provechar el fallo, relacionado con la apertura de funciones the per... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0331
https://notcve.org/view.php?id=CVE-2017-0331
02 May 2017 — An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •