CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9872
https://notcve.org/view.php?id=CVE-2014-9872
06 Aug 2016 — The diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not ensure unique identifiers in a DCI client table, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28750155 and Qualcomm internal bug CR590721. El controlador diag en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 no asegura identificadores únicos en una tabla de cliente DCI, lo que permite a atacantes obtener pri... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9886
https://notcve.org/view.php?id=CVE-2014-9886
06 Aug 2016 — arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28815575 and Qualcomm internal bug CR555030. arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 y 7 (2013) no valida adecuadamente parámetros de en... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9881
https://notcve.org/view.php?id=CVE-2014-9881
06 Aug 2016 — drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application, aka Android internal bug 28769368 and Qualcomm internal bug CR539008. drivers/media/radio/radio-iris.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 7 (2013) utiliza un tipo de datos de ent... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9894
https://notcve.org/view.php?id=CVE-2014-9894
06 Aug 2016 — drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not ensure that certain name strings end in a '\0' character, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28749708 and Qualcomm internal bug CR545736. drivers/misc/qseecom.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 7 (2013) no asegura que ciertas cadenas de nombre acaben en un c... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8944 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8944
06 Aug 2016 — The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka Android internal bug 28814213 and Qualcomm internal bug CR786116. NOTE: the permissions may be intentional in most non-Android contexts. La función ioresources_init en kernel/resource.c en el kernel de Linux hasta la versión 4.7, como s... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9899
https://notcve.org/view.php?id=CVE-2014-9899
06 Aug 2016 — drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices omits certain minimum calculations before copying data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28803909 and Qualcomm internal bug CR547910. drivers/usb/host/ehci-msm2.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 omite ciertos cálculos mínimos antes de copiar datos, lo que permite... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9895
https://notcve.org/view.php?id=CVE-2014-9895
06 Aug 2016 — drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28750150 and Qualcomm internal bug CR570757, a different vulnerability than CVE-2014-1739. drivers/media/media-device.c en el kernel de Linux en versiones anteriores a 3.11, como se usa en Android en versiones anterio... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c88e739b1fad662240e99ecbd0bdaac871717987 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9876
https://notcve.org/view.php?id=CVE-2014-9876
06 Aug 2016 — drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices mishandles certain integer values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28767796 and Qualcomm internal bug CR483408. drivers/char/diag/diagfwd.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5, 5X, 6, 6p y 7 (2013) no maneja adecuadamente ciertos valores de entero, lo que... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9880
https://notcve.org/view.php?id=CVE-2014-9880
06 Aug 2016 — drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769352 and Qualcomm internal bug CR556356. drivers/video/msm/vidc/common/enc/venc.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 7 (2013) no valida llamadas ioctl VEN_IOCTL_GET_SE... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9891
https://notcve.org/view.php?id=CVE-2014-9891
06 Aug 2016 — drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted application that makes an ioctl call, aka Android internal bug 28749283 and Qualcomm internal bug CR550061. drivers/misc/qseecom.c en los componentes Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 no valida ciertas direcciones de memoria búfer, lo que permite a atacantes obtener ... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •