CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-9869
https://notcve.org/view.php?id=CVE-2014-9869
06 Aug 2016 — drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain index values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749728 and Qualcomm internal bug CR514711. drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 y 7 (2013) no vali... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9870
https://notcve.org/view.php?id=CVE-2014-9870
06 Aug 2016 — The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted application, aka Android internal bug 28749743 and Qualcomm internal bug CR561044. El kernel de Linux en versiones anteriores a 3.11 en plataformas ARM, tal como se utiliza en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 y 7 (2013), no restri... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4780adeefd042482f624f5e0d577bf9cdcbb760 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8937
https://notcve.org/view.php?id=CVE-2015-8937
06 Aug 2016 — drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 6, and 7 (2013) devices mishandles a socket process, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28803962 and Qualcomm internal bug CR770548. drivers/char/diag/diagchar_core.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5, 6 y 7 (2013) no maneja adecuadamente un proceso de tomas, lo que permite a ataca... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-19: Data Processing Errors •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8938
https://notcve.org/view.php?id=CVE-2015-8938
06 Aug 2016 — The MSM camera driver in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate input parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28804030 and Qualcomm internal bug CR766022. El controlador de cámara MSM en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 6 no valida adecuadamente parámetros de entrada, lo que permite a atacantes obtener privilegios a través de un... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8939
https://notcve.org/view.php?id=CVE-2015-8939
06 Aug 2016 — drivers/video/msm/mdp4_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate r stages, g stages, or b stages data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28398884 and Qualcomm internal bug CR779021. drivers/video/msm/mdp4_util.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 7 (2013) no valida datos de etapas r, etapas g o etapas b, lo que permite ... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8940
https://notcve.org/view.php?id=CVE-2015-8940
06 Aug 2016 — Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28813987 and Qualcomm internal bug CR792367. Desbordamiento de entero en sound/soc/msm/qdsp6v2/q6lsm.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 6 permite a atacantes obtener privilegios a través de una aplicación manipulada, también conoci... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8941
https://notcve.org/view.php?id=CVE-2015-8941
06 Aug 2016 — drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices does not properly validate array indexes, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28814502 and Qualcomm internal bug CR792473. drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 6 y 7 (2013) no valida... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8942
https://notcve.org/view.php?id=CVE-2015-8942
06 Aug 2016 — drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28814652 and Qualcomm internal bug CR803246. drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 6 no valida el estado de corriente, lo que perm... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8943
https://notcve.org/view.php?id=CVE-2015-8943
06 Aug 2016 — drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28815158 and Qualcomm internal bugs CR794217 and CR836226. drivers/video/msm/mdss/mdss_mdp_util.c en los componentes de Qualcomm en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 no verifica que existe... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8944 – Ubuntu Security Notice USN-3360-1
https://notcve.org/view.php?id=CVE-2015-8944
06 Aug 2016 — The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka Android internal bug 28814213 and Qualcomm internal bug CR786116. NOTE: the permissions may be intentional in most non-Android contexts. La función ioresources_init en kernel/resource.c en el kernel de Linux hasta la versión 4.7, como s... • http://source.android.com/security/bulletin/2016-08-01.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •