CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0520
https://notcve.org/view.php?id=CVE-2017-0520
08 Mar 2017 — An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750232. • http://www.securityfocus.com/bid/96804 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0531
https://notcve.org/view.php?id=CVE-2017-0531
08 Mar 2017 — An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32877245. • http://www.securityfocus.com/bid/96743 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8478
https://notcve.org/view.php?id=CVE-2016-8478
08 Mar 2017 — An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32511270. • http://www.securityfocus.com/bid/96734 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0307
https://notcve.org/view.php?id=CVE-2017-0307
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33177895. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0528
https://notcve.org/view.php?id=CVE-2017-0528
08 Mar 2017 — An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to to execute code in the context of a privileged process. This issue is rated as High because it is a general bypass for a kernel level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-33351919. • http://www.securityfocus.com/bid/96807 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0338
https://notcve.org/view.php?id=CVE-2017-0338
08 Mar 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-33057977. • http://www.securityfocus.com/bid/96723 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0336
https://notcve.org/view.php?id=CVE-2017-0336
08 Mar 2017 — An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.18. Android ID: A-33042679. • http://www.securitytracker.com/id/1037968 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0455
https://notcve.org/view.php?id=CVE-2017-0455
08 Mar 2017 — An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootloader level defense in depth or exploit mitigation technology. Product: Android. Versions: Kernel-3.18. Android ID: A-32370952. • http://www.securityfocus.com/bid/96812 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0463
https://notcve.org/view.php?id=CVE-2017-0463
08 Mar 2017 — An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33277611. • http://www.securityfocus.com/bid/96948 • CWE-20: Improper Input Validation •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0460
https://notcve.org/view.php?id=CVE-2017-0460
08 Mar 2017 — An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31252965. • http://www.securityfocus.com/bid/96948 •