CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0562
https://notcve.org/view.php?id=CVE-2017-0562
An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202425. • http://www.securityfocus.com/bid/97345 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0566
https://notcve.org/view.php?id=CVE-2017-0566
An elevation of privilege vulnerability in the MediaTek camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28470975. • http://www.securityfocus.com/bid/97351 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 •
CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0559
https://notcve.org/view.php?id=CVE-2017-0559
An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33897722. • http://www.securityfocus.com/bid/97352 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0554
https://notcve.org/view.php?id=CVE-2017-0554
An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. This issue is rated as Moderate because it could be used to gain access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33815946. • http://www.securityfocus.com/bid/97343 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 • CWE-862: Missing Authorization •
CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0546
https://notcve.org/view.php?id=CVE-2017-0546
An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32628763. • http://www.securityfocus.com/bid/97341 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 • CWE-476: NULL Pointer Dereference •