CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8435
https://notcve.org/view.php?id=CVE-2016-8435
12 Jan 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32700935. • http://www.securityfocus.com/bid/95254 • CWE-284: Improper Access Control •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2017-0404
https://notcve.org/view.php?id=CVE-2017-0404
12 Jan 2017 — An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32510733. • http://www.securityfocus.com/bid/95281 •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8474
https://notcve.org/view.php?id=CVE-2016-8474
12 Jan 2017 — An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31799972. • http://www.securityfocus.com/bid/95233 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8428
https://notcve.org/view.php?id=CVE-2016-8428
12 Jan 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31993456. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8459
https://notcve.org/view.php?id=CVE-2016-8459
12 Jan 2017 — Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. • http://www.securityfocus.com/bid/95227 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8460
https://notcve.org/view.php?id=CVE-2016-8460
12 Jan 2017 — An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10. Android ID: A-31668540. • http://www.securityfocus.com/bid/95249 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8412
https://notcve.org/view.php?id=CVE-2016-8412
12 Jan 2017 — An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31225246. • http://www.securityfocus.com/bid/95238 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8432
https://notcve.org/view.php?id=CVE-2016-8432
12 Jan 2017 — An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. • http://www.securityfocus.com/bid/95236 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-8442
https://notcve.org/view.php?id=CVE-2016-8442
12 Jan 2017 — Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. • http://www.securityfocus.com/bid/95227 • CWE-20: Improper Input Validation •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8457
https://notcve.org/view.php?id=CVE-2016-8457
12 Jan 2017 — An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219453. • http://www.securityfocus.com/bid/95240 • CWE-264: Permissions, Privileges, and Access Controls •