Page 52 of 757 results (0.007 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775. • http://www.securityfocus.com/bid/94684 https://source.android.com/security/bulletin/2016-12-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31746399. • http://www.securityfocus.com/bid/94685 https://source.android.com/security/bulletin/2016-12-01.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31676542. • http://www.securityfocus.com/bid/94685 https://source.android.com/security/bulletin/2016-12-01.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784. • http://www.securityfocus.com/bid/95250 https://securityintelligence.com/android-vulnerabilities-attacking-nexus-6-and-6p-custom-boot-modes https://source.android.com/security/bulletin/2017-01-01.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31531758. • http://www.securityfocus.com/bid/95235 https://source.android.com/security/bulletin/2017-01-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •