Page 38 of 1019 results (0.007 seconds)

CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37930177. Existe una vulnerabilidad de ejecución remota de código en el media framework de Android (libhevc). • http://www.securityfocus.com/bid/101088 https://android.googlesource.com/platform/external/libhevc/+/25c0ffbe6a181b4a373c3c9b421ea449d457e6ed https://source.android.com/security/bulletin/2017-10-01 •

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63522430. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libstagefright). • http://www.securityfocus.com/bid/101151 https://android.googlesource.com/platform/frameworks/av/+/d834160d9759f1098df692b34e6eeb548f9e317b https://source.android.com/security/bulletin/pixel/2017-10-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0

An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63526567. Existe una vulnerabilidad de divulgación de información en el media framework de Android (libeffects). • http://www.securityfocus.com/bid/101088 https://android.googlesource.com/platform/frameworks/av/+/f490fc335772a9b14e78997486f4a572b0594c04 https://source.android.com/security/bulletin/2017-10-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 7%CPEs: 21EXPL: 1

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Un desbordamiento inferior de enteros en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio mediante una petición DNS manipulada. An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. • https://www.exploit-db.com/exploits/42946 http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html http://nvidia.custhelp.com/app/answers/detail/a_id/4561 http://thekelleys.org.uk/dnsmasq/CHANGELOG http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7 http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt http://www.debian.org/security/2017/dsa-3989 http://www.securityfocus.com/bid/101085 http://www.securityfocu • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. drivers/net/ethernet/msm/rndis_ipa.c en el controlador de networking de Qualcomm en Android permite que los atacantes remotos ejecuten código arbitrario mediante una aplicación manipulada que compromete un proceso privilegiado. • http://www.securityfocus.com/bid/98197 https://source.android.com/security/bulletin/2017-05-01 https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c • CWE-264: Permissions, Privileges, and Access Controls •