CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0749
https://notcve.org/view.php?id=CVE-2017-0749
A elevation of privilege vulnerability in the Upstream Linux linux kernel. Product: Android. Versions: Android kernel. Android ID: A-36007735. Existe una vulnerabilidad de elevación de privilegios en el kernel linux en Upstream Linux. • http://www.securityfocus.com/bid/100215 https://bugzilla.novell.com/show_bug.cgi?id=1053162 https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-0749.html https://security-tracker.debian.org/tracker/CVE-2017-0749 https://source.android.com/security/bulletin/2017-08-01 •
CVSS: 5.5EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0726
https://notcve.org/view.php?id=CVE-2017-0726
A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36389123. Existe una vulnerabilidad de denegación de servicio en el media framework de Android (libstagefright). • http://www.securityfocus.com/bid/100204 https://source.android.com/security/bulletin/2017-08-01 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.3EPSS: 0%CPEs: 29EXPL: 0CVE-2017-0745
https://notcve.org/view.php?id=CVE-2017-0745
A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296. Existe una vulnerabilidad de ejecución remota de código en el media framework de Android (avc decoder). • http://www.securityfocus.com/bid/100204 https://source.android.com/security/bulletin/2017-08-01 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3839
https://notcve.org/view.php?id=CVE-2015-3839
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash). La función updateMessageStatus en Android 5.1.1 y anteriores permite que usuarios locales provoquen una denegación de servicio (excepción de puntero nulo y caída de procesos). • http://blog.trendmicro.com/trendlabs-security-intelligence/os-x-zero-days-on-the-rise-a-2015-midyear-review-on-advanced-attack-surfaces http://blog.trendmicro.com/trendlabs-security-intelligence/two-new-android-bugs-mess-up-messaging-may-lead-to-multiple-send-charges http://www.securityfocus.com/bid/100158 https://huntcve.github.io/2017/02/13/cveupdate • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2278
https://notcve.org/view.php?id=CVE-2017-2278
The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Las versiones 2.0.3 y anteriores de la aplicación RBB SPEED TEST App para Android, así como las versiones 2.1.0 y anteriores para iOS no verifican certificados X.509 desde servidores SSL. Esto permite a los atacantes que realicen Man-in-the-Middle (MitM) suplantar servidores y obtener información sensible utilizando un certificado manipulado. • http://www.iid.co.jp/information/170714.html https://jvn.jp/en/jp/JVN24238648/index.html • CWE-295: Improper Certificate Validation •