CVSS: 7.6EPSS: 0%CPEs: 11EXPL: 0CVE-2014-9940
https://notcve.org/view.php?id=CVE-2014-9940
The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. La función regulator_ena_gpio_free en drivers/regulator/core.c en el kernel de Linux anterior a la versión 3.19 permite a usuarios locales elevar sus privilegios o provocar una denegación de servicio (uso después de liberación) a través de una aplicación especialmente diseñada para aprovechar el fallo. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba http://www.debian.org/security/2017/dsa-3945 http://www.securityfocus.com/bid/98195 https://github.com/torvalds/linux/commit/60a2362f769cf549dc466134efe71c8bf9fbaaba https://source.android.com/security/bulletin/2017-05-01 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2433
https://notcve.org/view.php?id=CVE-2016-2433
The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. El controlador Broadcom Wi-Fi para Android, tal como se usa por BlackBerry smartphones en versiones anteriores a Build AAE570, permite a los atacantes remotos ejecutar el código arbitrario dentro del contexto del kernel. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038167 http://www.securityfocus.com/bid/98034 • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 33EXPL: 0CVE-2017-3544 – OpenJDK: newline injection in the SMTP client (Networking, 8171533)
https://notcve.org/view.php?id=CVE-2017-3544
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. • http://www.debian.org/security/2017/dsa-3858 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html http://www.securityfocus.com/bid/97745 http://www.securitytracker.com/id/1038286 https://access.redhat.com/errata/RHSA-2017:1108 https://access.redhat.com/errata/RHSA-2017:1109 https://access.redhat.com/errata/RHSA-2017:1117 https://access.redhat.com/errata/RHSA-2017:1118 https://access.redhat.com/errata/RHSA-2017:1119 https://access.redhat.com/errata/RHS • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6727
https://notcve.org/view.php?id=CVE-2016-6727
The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. El subsistema Qualcomm GPS en Android en dispositivos Android One permite a atacantes remotos ejecutar código arbitrario. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038666 http://www.securityfocus.com/bid/94133 https://source.android.com/security/bulletin/2016-11-01 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6726
https://notcve.org/view.php?id=CVE-2016-6726
Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. Vulnerabilidad no especificada en componentes Qualcomm en Android en Nexus 6 y dispositivos Android One. • http://www.securityfocus.com/bid/94133 https://source.android.com/security/bulletin/2016-11-01 •