CVSS: 9.3EPSS: 3%CPEs: 1EXPL: 1CVE-2017-0505
https://notcve.org/view.php?id=CVE-2017-0505
08 Mar 2017 — An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31822282. • https://github.com/R0rt1z2/CVE-2017-0505-mtk •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0502
https://notcve.org/view.php?id=CVE-2017-0502
08 Mar 2017 — An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430164. • http://www.securityfocus.com/bid/96726 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0504
https://notcve.org/view.php?id=CVE-2017-0504
08 Mar 2017 — An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30074628. • http://www.securityfocus.com/bid/96726 •
CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0480
https://notcve.org/view.php?id=CVE-2017-0480
08 Mar 2017 — An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32705429. • http://www.securityfocus.com/bid/96958 •
CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0479
https://notcve.org/view.php?id=CVE-2017-0479
08 Mar 2017 — An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32707507. • http://www.securityfocus.com/bid/96958 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0509
https://notcve.org/view.php?id=CVE-2017-0509
08 Mar 2017 — An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32124445. • http://www.securityfocus.com/bid/94943 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0529
https://notcve.org/view.php?id=CVE-2017-0529
08 Mar 2017 — An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-28449427. • http://www.securityfocus.com/bid/96810 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0489
https://notcve.org/view.php?id=CVE-2017-0489
08 Mar 2017 — An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. This issue is rated as Moderate because it could be used to generate inaccurate data. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33091107. • http://www.securityfocus.com/bid/96792 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0501
https://notcve.org/view.php?id=CVE-2017-0501
08 Mar 2017 — An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430015. • http://www.securityfocus.com/bid/96726 •
CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0491
https://notcve.org/view.php?id=CVE-2017-0491
08 Mar 2017 — An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32553261. • http://www.securityfocus.com/bid/96791 •