CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2433
https://notcve.org/view.php?id=CVE-2016-2433
21 Apr 2017 — The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. El controlador Broadcom Wi-Fi para Android, tal como se usa por BlackBerry smartphones en versiones anteriores a Build AAE570, permite a los atacantes remotos ejecutar el código arbitrario dentro del contexto del kernel. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038167 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6726
https://notcve.org/view.php?id=CVE-2016-6726
17 Apr 2017 — Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. Vulnerabilidad no especificada en componentes Qualcomm en Android en Nexus 6 y dispositivos Android One. • http://www.securityfocus.com/bid/94133 •
CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 0CVE-2016-6727
https://notcve.org/view.php?id=CVE-2016-6727
17 Apr 2017 — The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. El subsistema Qualcomm GPS en Android en dispositivos Android One permite a atacantes remotos ejecutar código arbitrario. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038666 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 7%CPEs: 45EXPL: 0CVE-2016-1155
https://notcve.org/view.php?id=CVE-2016-1155
13 Apr 2017 — HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. Vulnerabilidad de inyección de encabezado HTTP en la clase URLConnection en Android OS 2.2 a 6.0 permite a atacantes remotos ejecutar scripts arbitrarios o establecer valores arbitrarios en cookies. • http://www.securityfocus.com/bid/97662 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 9%CPEs: 41EXPL: 2CVE-2014-7920
https://notcve.org/view.php?id=CVE-2014-7920
13 Apr 2017 — mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. Mediaserver en Android 2.2 a 5.x en versiones anteriores a 5.1 permite a los atacantes obtener privilegios. NOTA: Esta es una vulnerabilidad diferente a CVE-2014-7921. • https://github.com/laginimaineb/cve-2014-7920-7921 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2014-7921
https://notcve.org/view.php?id=CVE-2014-7921
13 Apr 2017 — mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. Mediaserver en Android 4.0.3 a 5.x en versiones anteriores a 5.1 permite a los atacantes obtener privilegios. NOTA: Esta es una vulnerabilidad diferente a CVE-2014-7920. • https://android.googlesource.com/platform/frameworks/av/+/36d1577%5E%21 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5856
https://notcve.org/view.php?id=CVE-2016-5856
12 Apr 2017 — Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857. Drivers/soc/qcom/spcom.c en el driver Qualcom SPCom en el kernel de Android 2017-03-05 permite a usuarios locales obtener privilegios, una vulnerabilidad diferente a CVE-2016-5857. • http://www.securitytracker.com/id/1037968 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 4%CPEs: 28EXPL: 3CVE-2017-0541
https://notcve.org/view.php?id=CVE-2017-0541
07 Apr 2017 — A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018. • https://github.com/likescam/CVE-2017-0541 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0544
https://notcve.org/view.php?id=CVE-2017-0544
07 Apr 2017 — An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. This issue is rated as High because it is a local arbitrary code execution in a privileged process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31992879. • http://www.securityfocus.com/bid/97337 • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0546
https://notcve.org/view.php?id=CVE-2017-0546
07 Apr 2017 — An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32628763. • http://www.securityfocus.com/bid/97341 • CWE-476: NULL Pointer Dereference •