CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2017-0552
https://notcve.org/view.php?id=CVE-2017-0552
07 Apr 2017 — A remote denial of service vulnerability in libavc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34097915. • http://www.securityfocus.com/bid/97336 •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-0565
https://notcve.org/view.php?id=CVE-2017-0565
07 Apr 2017 — An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-28175904. • http://www.securityfocus.com/bid/97349 •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2017-0539
https://notcve.org/view.php?id=CVE-2017-0539
07 Apr 2017 — A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33864300. • http://www.securityfocus.com/bid/97330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 11EXPL: 0CVE-2017-0540
https://notcve.org/view.php?id=CVE-2017-0540
07 Apr 2017 — A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33966031. • http://www.securityfocus.com/bid/97330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2017-0542
https://notcve.org/view.php?id=CVE-2017-0542
07 Apr 2017 — A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33934721. • http://www.securityfocus.com/bid/97330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2017-0555
https://notcve.org/view.php?id=CVE-2017-0555
07 Apr 2017 — An information disclosure vulnerability in libavc in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33551775. • http://www.securityfocus.com/bid/97332 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 0CVE-2017-0558
https://notcve.org/view.php?id=CVE-2017-0558
07 Apr 2017 — An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34056274. • http://www.securityfocus.com/bid/97332 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-0548
https://notcve.org/view.php?id=CVE-2017-0548
07 Apr 2017 — A remote denial of service vulnerability in libskia could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33251605. • http://www.securityfocus.com/bid/97398 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5349
https://notcve.org/view.php?id=CVE-2016-5349
06 Apr 2017 — The high level operating systems (HLOS) was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment (QSEE) only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications inside Qualcomm Secure Execution Environment (QSEE) receive memory addresses from a high level operating system (HLOS) such as Linux Android, those address have previously been verified as belonging to HLOS memo... • http://www.securityfocus.com/bid/97364 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-9922
https://notcve.org/view.php?id=CVE-2014-9922
04 Apr 2017 — The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. El subsistema eCryptfs en el kernel de Linux en versiones anteriores a 3.18 permite a los usuarios locales obtener privilegios a través de una pila de archivos grande que incluye una capa de superposición, relacionada con fs/ecryptfs/main.c y fs/overlayfs/super.c. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121 • CWE-264: Permissions, Privileges, and Access Controls •