Page 90 of 1004 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31631842. • http://www.securityfocus.com/bid/94704 https://source.android.com/security/bulletin/2016-12-01.html • CWE-284: Improper Access Control •

CVSS: 4.3EPSS: 0%CPEs: 26EXPL: 0

An elevation of privilege vulnerability in the Framework API could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-30202228. • http://www.securityfocus.com/bid/94702 https://source.android.com/security/bulletin/2016-12-01.html • CWE-284: Improper Access Control •

CVSS: 7.1EPSS: 0%CPEs: 26EXPL: 0

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31681434. • http://www.securityfocus.com/bid/94688 https://source.android.com/security/bulletin/2016-12-01.html • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31350044. • http://www.securityfocus.com/bid/94683 https://source.android.com/security/bulletin/2016-12-01.html • CWE-284: Improper Access Control •

CVSS: 9.3EPSS: 0%CPEs: 9EXPL: 1

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31856351. • https://www.exploit-db.com/exploits/40945 http://www.securityfocus.com/bid/94701 https://bugs.chromium.org/p/project-zero/issues/detail?id=958 https://source.android.com/security/bulletin/2016-12-01.html • CWE-264: Permissions, Privileges, and Access Controls •