Page 70 of 1013 results (0.006 seconds)

CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0

An information disclosure vulnerability in libskia could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33897722. • http://www.securityfocus.com/bid/97352 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0

An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. This issue is rated as Moderate because it could be used to gain access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33815946. • http://www.securityfocus.com/bid/97343 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 • CWE-862: Missing Authorization •

CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0

An elevation of privilege vulnerability in SurfaceFlinger could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32628763. • http://www.securityfocus.com/bid/97341 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 • CWE-476: NULL Pointer Dereference •

CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175904. • http://www.securityfocus.com/bid/97349 http://www.securitytracker.com/id/1038201 https://source.android.com/security/bulletin/2017-04-01 •

CVSS: 7.6EPSS: 0%CPEs: 11EXPL: 0

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. • http://git.infradead.org/users/tgr/libnl.git/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb http://lists.infradead.org/pipermail/libnl/2017-May/002313.html http://www.securityfocus.com/bid/97340 http://www.securitytracker.com/id/1038201 http://www.ubuntu.com/usn/USN-3311-2 https://access.redhat.com/errata/RHSA-2017:2299 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6VCF5KS6HOJZLFIY2ZSXSVSDQX65A2PU https://lists.fedoraproject.org/archives/list/package-announce%40l • CWE-190: Integer Overflow or Wraparound •