CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0610
https://notcve.org/view.php?id=CVE-2017-0610
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399404. • http://www.securityfocus.com/bid/98255 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0627 – Ubuntu Security Notice USN-3674-1
https://notcve.org/view.php?id=CVE-2017-0627
12 May 2017 — An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33300353. • http://www.securityfocus.com/bid/98205 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0624
https://notcve.org/view.php?id=CVE-2017-0624
12 May 2017 — An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34327795. • http://www.securityfocus.com/bid/98200 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0612
https://notcve.org/view.php?id=CVE-2017-0612
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-34389303. • http://www.securityfocus.com/bid/98231 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0619
https://notcve.org/view.php?id=CVE-2017-0619
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35401152. • http://www.securityfocus.com/bid/98192 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10288
https://notcve.org/view.php?id=CVE-2016-10288
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33863909. • https://source.android.com/security/bulletin/2017-05-01 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10294
https://notcve.org/view.php?id=CVE-2016-10294
12 May 2017 — An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33621829. • https://source.android.com/security/bulletin/2017-05-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10285
https://notcve.org/view.php?id=CVE-2016-10285
12 May 2017 — An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. • http://www.securityfocus.com/bid/98163 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2017-7472 – Linux Kernel < 4.10.13 - 'keyctl_set_reqkey_keyring' Local Denial of Service
https://notcve.org/view.php?id=CVE-2017-7472
11 May 2017 — The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. El subsistema KEYS en el kernel de Linux anterior a 4.10.13 permite a los usuarios locales causar una denegación de servicio (consumo de memoria) a través de una serie de llamadas KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring. A vulnerability was found in the Linux kernel where the keyctl_set_reqk... • https://packetstorm.news/files/id/142871 • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 3CVE-2017-8890 – kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c
https://notcve.org/view.php?id=CVE-2017-8890
10 May 2017 — The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. La función inet_csk_clone_lock en net / ipv4 / inet_connection_sock.c en el kernel de Linux hasta la versión 4.10.15 permite a los atacantes causar una denegación de servicio (double free) u otro impacto no especificado al aprovechar el uso de la llamada al sis... • https://github.com/beraphin/CVE-2017-8890 • CWE-415: Double Free CWE-416: Use After Free •