CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0824
https://notcve.org/view.php?id=CVE-2017-0824
An elevation of privilege vulnerability in the Broadcom wifi driver. Product: Android. Versions: Android kernel. Android ID: A-37622847. References: B-V2017063001. • https://source.android.com/security/bulletin/pixel/2017-10-01 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0826
https://notcve.org/view.php?id=CVE-2017-0826
An elevation of privilege vulnerability in the HTC bootloader. Product: Android. Versions: Android kernel. Android ID: A-34949781. Existe una vulnerabilidad de elevación de privilegios en el bootloader de HTC. • https://source.android.com/security/bulletin/pixel/2017-10-01 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0827
https://notcve.org/view.php?id=CVE-2017-0827
An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-62539960. References: M-ALPS03353876, M-ALPS03353861, M-ALPS03353869, M-ALPS03353867, M-ALPS03353872. • http://www.securityfocus.com/bid/101120 https://source.android.com/security/bulletin/2017-10-01 •
CVSS: 7.8EPSS: 7%CPEs: 21EXPL: 1CVE-2017-14496 – Dnsmasq < 2.78 - Integer Underflow
https://notcve.org/view.php?id=CVE-2017-14496
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. Un desbordamiento inferior de enteros en las versiones anteriores a la 2.78 de dnsmasq, cuando están especificadas las opciones --add-mac, --add-cpe-id o --add-subnet, permite que los atacantes remotos provoquen una denegación de servicio mediante una petición DNS manipulada. An integer underflow flaw leading to a buffer over-read was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash. This issue only affected configurations using one of the options: add-mac, add-cpe-id, or add-subnet. • https://www.exploit-db.com/exploits/42946 http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html http://nvidia.custhelp.com/app/answers/detail/a_id/4561 http://thekelleys.org.uk/dnsmasq/CHANGELOG http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7 http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt http://www.debian.org/security/2017/dsa-3989 http://www.securityfocus.com/bid/101085 http://www.securityfocu • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5868
https://notcve.org/view.php?id=CVE-2016-5868
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process. drivers/net/ethernet/msm/rndis_ipa.c en el controlador de networking de Qualcomm en Android permite que los atacantes remotos ejecuten código arbitrario mediante una aplicación manipulada que compromete un proceso privilegiado. • http://www.securityfocus.com/bid/98197 https://source.android.com/security/bulletin/2017-05-01 https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=fbb765a3f813f5cc85ddab21487fd65f24bf6a8c • CWE-264: Permissions, Privileges, and Access Controls •