Page 89 of 1877 results (0.015 seconds)

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0

CVE-2015-9004

https://notcve.org/view.php?id=CVE-2015-9004

02 May 2017 — kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions. kernel/events/core.c en el kernel de Linux anterior a la versión 3.19 no gestiona correctamente el contador grouping, lo que permite a usuarios locales escalar privilegios a través de una aplicación especialmente diseñada para provechar el fallo, relacionado con la apertura de funciones the per... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-0331

https://notcve.org/view.php?id=CVE-2017-0331

02 May 2017 — An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel 3.10. Android ID: A-34113000. • http://nvidia.custhelp.com/app/answers/detail/a_id/4561 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.6EPSS: 0%CPEs: 11EXPL: 0

CVE-2014-9940 – Ubuntu Security Notice USN-3343-2

https://notcve.org/view.php?id=CVE-2014-9940

02 May 2017 — The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application. La función regulator_ena_gpio_free en drivers/regulator/core.c en el kernel de Linux anterior a la versión 3.19 permite a usuarios locales elevar sus privilegios o provocar una denegación de servicio (uso después de liberación) a través de una aplicación especialmente diseñada para aprovechar el fallo. ... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=60a2362f769cf549dc466134efe71c8bf9fbaaba • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-2433

https://notcve.org/view.php?id=CVE-2016-2433

21 Apr 2017 — The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel. El controlador Broadcom Wi-Fi para Android, tal como se usa por BlackBerry smartphones en versiones anteriores a Build AAE570, permite a los atacantes remotos ejecutar el código arbitrario dentro del contexto del kernel. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038167 • CWE-284: Improper Access Control •

CVSS: 4.3EPSS: 0%CPEs: 33EXPL: 0

CVE-2017-3544 – OpenJDK: newline injection in the SMTP client (Networking, 8171533)

https://notcve.org/view.php?id=CVE-2017-3544

21 Apr 2017 — Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded... • http://www.debian.org/security/2017/dsa-3858 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-6726

https://notcve.org/view.php?id=CVE-2016-6726

17 Apr 2017 — Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. Vulnerabilidad no especificada en componentes Qualcomm en Android en Nexus 6 y dispositivos Android One. • http://www.securityfocus.com/bid/94133 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-6727

https://notcve.org/view.php?id=CVE-2016-6727

17 Apr 2017 — The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. El subsistema Qualcomm GPS en Android en dispositivos Android One permite a atacantes remotos ejecutar código arbitrario. • http://support.blackberry.com/kb/articleDetail?articleNumber=000038666 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8EPSS: 0%CPEs: 45EXPL: 0

CVE-2016-1155

https://notcve.org/view.php?id=CVE-2016-1155

13 Apr 2017 — HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. Vulnerabilidad de inyección de encabezado HTTP en la clase URLConnection en Android OS 2.2 a 6.0 permite a atacantes remotos ejecutar scripts arbitrarios o establecer valores arbitrarios en cookies. • http://www.securityfocus.com/bid/97662 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0

CVE-2014-7921

https://notcve.org/view.php?id=CVE-2014-7921

13 Apr 2017 — mediaserver in Android 4.0.3 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7920. Mediaserver en Android 4.0.3 a 5.x en versiones anteriores a 5.1 permite a los atacantes obtener privilegios. NOTA: Esta es una vulnerabilidad diferente a CVE-2014-7920. • https://android.googlesource.com/platform/frameworks/av/+/36d1577%5E%21 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 0%CPEs: 41EXPL: 2

CVE-2014-7920

https://notcve.org/view.php?id=CVE-2014-7920

13 Apr 2017 — mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921. Mediaserver en Android 2.2 a 5.x en versiones anteriores a 5.1 permite a los atacantes obtener privilegios. NOTA: Esta es una vulnerabilidad diferente a CVE-2014-7921. • https://github.com/laginimaineb/cve-2014-7920-7921 • CWE-264: Permissions, Privileges, and Access Controls •