CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2433
https://notcve.org/view.php?id=CVE-2016-2433
The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. El controlador Broadcom Wi-Fi para Android, tal como se usa por BlackBerry smartphones en versiones anteriores a Build AAE570, permite a los atacantes remotos ejecutar el código arbitrario dentro del contexto del kernel. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038167 http://www.securityfocus.com/bid/98034 • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 33EXPL: 0CVE-2017-3544 – OpenJDK: newline injection in the SMTP client (Networking, 8171533)
https://notcve.org/view.php?id=CVE-2017-3544
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. • http://www.debian.org/security/2017/dsa-3858 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html http://www.securityfocus.com/bid/97745 http://www.securitytracker.com/id/1038286 https://access.redhat.com/errata/RHSA-2017:1108 https://access.redhat.com/errata/RHSA-2017:1109 https://access.redhat.com/errata/RHSA-2017:1117 https://access.redhat.com/errata/RHSA-2017:1118 https://access.redhat.com/errata/RHSA-2017:1119 https://access.redhat.com/errata/RHS • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6727
https://notcve.org/view.php?id=CVE-2016-6727
The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. El subsistema Qualcomm GPS en Android en dispositivos Android One permite a atacantes remotos ejecutar código arbitrario. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038666 http://www.securityfocus.com/bid/94133 https://source.android.com/security/bulletin/2016-11-01 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6726
https://notcve.org/view.php?id=CVE-2016-6726
Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. Vulnerabilidad no especificada en componentes Qualcomm en Android en Nexus 6 y dispositivos Android One. • http://www.securityfocus.com/bid/94133 https://source.android.com/security/bulletin/2016-11-01 •
CVSS: 9.8EPSS: 0%CPEs: 45EXPL: 0CVE-2016-1155
https://notcve.org/view.php?id=CVE-2016-1155
HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. Vulnerabilidad de inyección de encabezado HTTP en la clase URLConnection en Android OS 2.2 a 6.0 permite a atacantes remotos ejecutar scripts arbitrarios o establecer valores arbitrarios en cookies. • http://www.securityfocus.com/bid/97662 https://android.googlesource.com/platform/external/okhttp/+/71b9f47b26fb57ac3e436a19519c6e3ec70e86eb https://jvn.jp/vu/JVNVU99757346/index.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •