CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3906
https://notcve.org/view.php?id=CVE-2016-3906
25 Nov 2016 — An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30445973. References: Qualcomm QC-CR#1054344. Una vulnerabilidad de divulgación de información en componentes Qualcomm incluyendo el con... • http://www.securityfocus.com/bid/94139 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6729
https://notcve.org/view.php?id=CVE-2016-6729
25 Nov 2016 — An elevation of privilege vulnerability in the Qualcomm bootloader in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30977990. References: Qualcomm QC-CR#977684. Una vulnerabilidad de elevación de privilegio en el gestor de arranque Qualcomm en Andr... • http://www.securityfocus.com/bid/94203 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6737
https://notcve.org/view.php?id=CVE-2016-6737
25 Nov 2016 — An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30928456. Una vulnerabilidad de elevación de privilegio en el subsistema del kernel ION en Android en versiones anteriores a 05-11-... • http://www.securityfocus.com/bid/94202 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6749
https://notcve.org/view.php?id=CVE-2016-6749
25 Nov 2016 — An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30228438. References: Qualcomm QC-CR#1052818. Una vulnerabilidad de divulgación de información en componentes Qualcomm incluidos el cont... • http://www.securityfocus.com/bid/94139 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 2%CPEs: 6EXPL: 2CVE-2016-6754 – Google Android - 'BadKernel' Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-6754
25 Nov 2016 — A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-05 could enable a remote attacker to execute arbitrary code when the user is navigating to a website. This issue is rated as High due to the possibility of remote code execution in an unprivileged process. Android ID: A-31217937. Una vulnerabilidad de ejecución de código remoto en Webview en Android 5.0.x en versiones anteriores a 5.0.2, 5.1.x en versiones anteriores a 5.1.1 y 6.x en ve... • https://www.exploit-db.com/exploits/40846 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6751
https://notcve.org/view.php?id=CVE-2016-6751
25 Nov 2016 — An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30902162. References: Qualcomm QC-CR#1062271. Una vulnerabilidad de divulgación de información en componentes Qualcomm incluidos el cont... • http://www.securityfocus.com/bid/94139 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6708
https://notcve.org/view.php?id=CVE-2016-6708
25 Nov 2016 — An elevation of privilege in the System UI in Android 7.0 before 2016-11-01 could enable a local malicious user to bypass the security prompt of your work profile in Multi-Window mode. This issue is rated as High because it is a local bypass of user interaction requirements for any developer or security setting modifications. Android ID: A-30693465. Una elevación de privilegio en el System UI en Android 7.0 en versiones anteriores a 01-11-2016 podría habilitar a un usuario local malicioso a eludir el aviso ... • http://www.securityfocus.com/bid/94166 • CWE-254: 7PK - Security Features CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6730
https://notcve.org/view.php?id=CVE-2016-6730
25 Nov 2016 — An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30904789. References: NVIDIA N-CVE-2016-6730. Una vulnerabilidad de elevación de privilegio en el controlador de la GPU en Android en ... • http://www.securityfocus.com/bid/94140 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6746
https://notcve.org/view.php?id=CVE-2016-6746
25 Nov 2016 — An information disclosure vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Android ID: A-30955105. References: NVIDIA N-CVE-2016-6746. Una vulnerabilidad de divulgación de información en el controlador NVIDIA GPU en Android en versiones anteriores a 05-11-2016 podría habilitar a una aplic... • http://www.securityfocus.com/bid/94209 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6731
https://notcve.org/view.php?id=CVE-2016-6731
25 Nov 2016 — An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Android ID: A-30906023. References: NVIDIA N-CVE-2016-6731. Una vulnerabilidad de elevación de privilegio en el controlador NVIDIA GPU en Android en... • http://www.securityfocus.com/bid/94140 • CWE-264: Permissions, Privileges, and Access Controls •