CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0749
https://notcve.org/view.php?id=CVE-2017-0749
A elevation of privilege vulnerability in the Upstream Linux linux kernel. Product: Android. Versions: Android kernel. Android ID: A-36007735. Existe una vulnerabilidad de elevación de privilegios en el kernel linux en Upstream Linux. • http://www.securityfocus.com/bid/100215 https://bugzilla.novell.com/show_bug.cgi?id=1053162 https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-0749.html https://security-tracker.debian.org/tracker/CVE-2017-0749 https://source.android.com/security/bulletin/2017-08-01 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0750
https://notcve.org/view.php?id=CVE-2017-0750
A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013. Existe una vulnerabilidad de elevación de privilegios en el sistema de archivos Upstream Linux. • http://www.securityfocus.com/bid/100215 https://bugzilla.novell.com/show_bug.cgi?id=1053160 https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-0750.html https://security-tracker.debian.org/tracker/CVE-2017-0750 https://source.android.com/security/bulletin/2017-08-01 https://usn.ubuntu.com/3583-1 https://usn.ubuntu.com/3583-2 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3839
https://notcve.org/view.php?id=CVE-2015-3839
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). La función updateMessageStatus en Android 5.1.1 y anteriores permite que usuarios locales provoquen una denegación de servicio (excepción de puntero nulo y caída de procesos). • http://blog.trendmicro.com/trendlabs-security-intelligence/os-x-zero-days-on-the-rise-a-2015-midyear-review-on-advanced-attack-surfaces http://blog.trendmicro.com/trendlabs-security-intelligence/two-new-android-bugs-mess-up-messaging-may-lead-to-multiple-send-charges http://www.securityfocus.com/bid/100158 https://huntcve.github.io/2017/02/13/cveupdate • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2278
https://notcve.org/view.php?id=CVE-2017-2278
The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Las versiones 2.0.3 y anteriores de la aplicación RBB SPEED TEST App para Android, así como las versiones 2.1.0 y anteriores para iOS no verifican certificados X.509 desde servidores SSL. Esto permite a los atacantes que realicen Man-in-the-Middle (MitM) suplantar servidores y obtener información sensible utilizando un certificado manipulado. • http://www.iid.co.jp/information/170714.html https://jvn.jp/en/jp/JVN24238648/index.html • CWE-295: Improper Certificate Validation •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6249
https://notcve.org/view.php?id=CVE-2017-6249
An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-34373711. • http://www.securityfocus.com/bid/99616 http://www.securitytracker.com/id/1038623 https://source.android.com/security/bulletin/2017-06-01 •