chromium-browser: extension verification bypass

Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files...

Google Skia Denial of Service Vulnerability

Google Skia is the United States Google Google company's an open source and C + + based graphics library , it can be used in Mozilla Firefox, Google Chrome and other browsers , but also available in the Android open mobile platform . A denial of service vulnerability exists in SkRegion::setPath i...

PT-2017-18515 · Facebook · Whatsapp Messenger

Name of the Vulnerable Software and Affected Versions: Facebook WhatsApp Messenger versions prior to 2.16.323 for Android Description: The application stores files associated with a chat, such as Audio, Documents, Images, Video, and Voice Notes, in cleartext on the SD card, even after the chat is...

CVE-2017-0610

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

UBUNTU-CVE-2017-0591

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

Google Android NVIDIA Crypto Driver elevation of privilege vulnerability (CNVD-2017-05726)

Google Android is a mobile operating system based on the Linux open kernel. An elevation of privilege vulnerability exists in the Google Android NVIDIA Crypto Driver, which can be exploited by an attacker to execute arbitrary code in the kernel context...

Google Android Qualcomm SPMI driver information disclosure vulnerability

Google Android is a mobile operating system based on the Linux open kernel. Google Android suffers from an information disclosure vulnerability in the Qualcomm SPMI driver implementation, which allows remote attackers to exploit the vulnerability by submitting a special application that can acces...

CVE-2017-0332

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel...

chromium-browser: bad cast in blink

An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting...

CVE-2017-0523

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A...

UBUNTU-CVE-2017-0461

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

UBUNTU-CVE-2017-0507

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing th...

UBUNTU-CVE-2017-0307

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2016-8477

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

UBUNTU-CVE-2017-0504

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

Amazon Kindle Setup DLL Load Native Code Execution Vulnerability

Amazon Kindle Setup is a set of e-book reader installation applications for the Android-based platform from Amazon USA. A local arbitrary code execution vulnerability exists in Amazon Kindle Setup due to the program failing to filter user-submitted input. A local attacker could exploit the...

CVE-2017-5016

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page...

CVE-2017-0429

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

UBUNTU-CVE-2017-0436

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

UBUNTU-CVE-2017-0449

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current...