CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0612
https://notcve.org/view.php?id=CVE-2017-0612
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-34389303. • http://www.securityfocus.com/bid/98231 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10294
https://notcve.org/view.php?id=CVE-2016-10294
12 May 2017 — An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33621829. • https://source.android.com/security/bulletin/2017-05-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0619
https://notcve.org/view.php?id=CVE-2017-0619
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. • http://www.securityfocus.com/bid/98192 •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0628
https://notcve.org/view.php?id=CVE-2017-0628
12 May 2017 — An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34230377. • http://www.securityfocus.com/bid/98211 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0631
https://notcve.org/view.php?id=CVE-2017-0631
12 May 2017 — An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399756. • http://www.securityfocus.com/bid/98216 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0632
https://notcve.org/view.php?id=CVE-2017-0632
12 May 2017 — An information disclosure vulnerability in the Qualcomm sound codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35392586. • http://www.securityfocus.com/bid/98221 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10295
https://notcve.org/view.php?id=CVE-2016-10295
12 May 2017 — An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33781694. • https://source.android.com/security/bulletin/2017-05-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0613
https://notcve.org/view.php?id=CVE-2017-0613
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35400457. • http://www.securityfocus.com/bid/98186 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-7472 – Linux Kernel < 4.10.13 - 'keyctl_set_reqkey_keyring' Local Denial of Service
https://notcve.org/view.php?id=CVE-2017-7472
11 May 2017 — The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. El subsistema KEYS en el kernel de Linux anterior a 4.10.13 permite a los usuarios locales causar una denegación de servicio (consumo de memoria) a través de una serie de llamadas KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring. A vulnerability was found in the Linux kernel where the keyctl_set_reqk... • https://www.exploit-db.com/exploits/42136 • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 3CVE-2017-8890 – kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c
https://notcve.org/view.php?id=CVE-2017-8890
10 May 2017 — The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. La función inet_csk_clone_lock en net / ipv4 / inet_connection_sock.c en el kernel de Linux hasta la versión 4.10.15 permite a los atacantes causar una denegación de servicio (double free) u otro impacto no especificado al aprovechar el uso de la llamada al sis... • https://github.com/beraphin/CVE-2017-8890 • CWE-415: Double Free CWE-416: Use After Free •