CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0444
https://notcve.org/view.php?id=CVE-2017-0444
08 Feb 2017 — An elevation of privilege vulnerability in the Realtek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32705232. • http://www.securityfocus.com/bid/96107 •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0445
https://notcve.org/view.php?id=CVE-2017-0445
08 Feb 2017 — An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32769717. • http://www.securityfocus.com/bid/96054 •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0446
https://notcve.org/view.php?id=CVE-2017-0446
08 Feb 2017 — An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32917445. • http://www.securityfocus.com/bid/96054 •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0447
https://notcve.org/view.php?id=CVE-2017-0447
08 Feb 2017 — An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32919560. • http://www.securityfocus.com/bid/96054 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0448
https://notcve.org/view.php?id=CVE-2017-0448
08 Feb 2017 — An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10. Android ID: A-32721029. • http://www.securityfocus.com/bid/96105 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0449
https://notcve.org/view.php?id=CVE-2017-0449
08 Feb 2017 — An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10. Android ID: A-31707909. • http://www.securityfocus.com/bid/96110 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0450
https://notcve.org/view.php?id=CVE-2017-0450
08 Feb 2017 — An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it is mitigated by current platform configurations. Product: Android. Versions: N/A. Android ID: A-32917432. • http://www.securityfocus.com/bid/96109 •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0451
https://notcve.org/view.php?id=CVE-2017-0451
08 Feb 2017 — An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31796345. • http://www.securityfocus.com/bid/96108 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0420
https://notcve.org/view.php?id=CVE-2017-0420
08 Feb 2017 — An information disclosure vulnerability in AOSP Mail could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application does not have access to. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32615212. • http://www.securityfocus.com/bid/96093 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-9914
https://notcve.org/view.php?id=CVE-2014-9914
07 Feb 2017 — Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect expectations about locking during multithreaded access to internal data structures for IPv4 UDP sockets. Condición de carrera en la función ip4_datagram_release_cb en net/ipv4/datagram.c en el kernel de Linux en versiones anteriores a 3.15.2 permite a usuarios locales obtener privilegios o p... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9709674e68646cee5a24e3000b3558d25412203a • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •