CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9803
https://notcve.org/view.php?id=CVE-2014-9803
11 Jul 2016 — arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020. arch/arm64/include/asm/pgtable.h en el kernel de Linux en versiones anteriores a 3.15-rc5-next-20140519, tal y como se utiliza en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5X y 6P, no maneja correctament... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5a0fdfada3a2aa50d7b947a2e958bf00cbe0d830 • CWE-19: Data Processing Errors •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8888
https://notcve.org/view.php?id=CVE-2015-8888
11 Jul 2016 — Integer overflow in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to bypass intended access restrictions via a crafted block count and block size of a sparse header, aka Android internal bug 28822465 and Qualcomm internal bug CR813933. Desbordamiento de entero en app/aboot/aboot.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5 permite a atacantes eludir restricciones destinadas al acceso a... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-189: Numeric Errors CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8889
https://notcve.org/view.php?id=CVE-2015-8889
11 Jul 2016 — The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices omits the recovery PIN feature, which has unspecified impact and attack vectors, aka Android internal bug 28822677 and Qualcomm internal bug CR804067. La implementación de aboot en los componentes de Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 6P omite la característica de recuperación de PIN, lo que tiene un impacto y vectores de ataque no especificados, también conocido c... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8890
https://notcve.org/view.php?id=CVE-2015-8890
11 Jul 2016 — platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard (MMC), aka Android internal bug 28822878 and Qualcomm internal bug CR823461. platform/msm_shared/partition_parser.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5 y 7 (2013) no va... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8891
https://notcve.org/view.php?id=CVE-2015-8891
11 Jul 2016 — Multiple integer overflows in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to bypass intended access restrictions via a crafted image, aka Android internal bug 28842418 and Qualcomm internal bug CR813930. Multiples desbordamientos de entero en app/aboot/aboot.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5 y 7 (2013) permiten a atacantes eludir restricciones destinadas al acc... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8892
https://notcve.org/view.php?id=CVE-2015-8892
11 Jul 2016 — platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998. platform/msm_shared/boot_verifier.c en los componentes de Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5X y 6P permite a atacantes eludir restricciones destinadas al acceso a través de una asimilación con datos d... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8893
https://notcve.org/view.php?id=CVE-2015-8893
11 Jul 2016 — app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to cause a denial of service (OS outage or buffer over-read) via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275. app/aboot/aboot.c en el gestor de arranque de Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5 y 7 (2013) permite a atacantes provocar una denegación de servicio (interrupción del SO o sobre lectura ... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2501
https://notcve.org/view.php?id=CVE-2016-2501
11 Jul 2016 — The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Qualcomm internal bug CR1001092. El controlador de cámara de Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5X, 6, 6P y 7 (2013) permite a atacantes obtener privilegios a través de una aplicación manipulada, también conocido como error interno de Android 27890772 y error interno de... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2502
https://notcve.org/view.php?id=CVE-2016-2502
11 Jul 2016 — drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a large size in a GSER_IOCTL ioctl call, aka Android internal bug 27657963 and Qualcomm internal bug CR997044. drivers/usb/gadget/f_serial.c en el controlador USB Qualcomm en Android en versiones anteriores a 2016-07-05 en dispositivos Nexus 5X y 6P permite a atacantes obtener privilegios a través de un tamaño grande en una llamada ioctl GSER_IOCTL, también... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2505
https://notcve.org/view.php?id=CVE-2016-2505
11 Jul 2016 — mpeg2ts/ATSParser.cpp in libstagefright in mediaserver in Android 6.x before 2016-07-01 does not validate a certain section length, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 28333006. mpeg2ts/ATSParser.cpp en libstagefright en mediaserver en Android 6.x en versiones anteriores a 2016-07-01 no valida una determinada longitud de sección, lo que permite a atacantes remotos ejecutar un código arbitrario o p... • http://source.android.com/security/bulletin/2016-07-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •