Lucene search
K

148 matches found

CVE
CVE
added 2016/11/25 4:0 p.m.52 views

CVE-2016-6707

CVE-2016-6707 affects Android System Server with a local privilege-escalation via ashmem-backed Bitmaps. The issue stems from mismatched memory sizes: ashmem (ASHMEM_SET_SIZE) defines the region size, but memory mappings (mmap) in Parcel::readBlob use a bitmap-derived len, and Bitmap creation sto...

9.3CVSS7.4AI score0.0415EPSS
Exploits2References5Affected Software1
CNVD
CNVD
added 2016/11/10 12:0 a.m.3 views

Google Android System Server Remote Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which System Server is a system server. A remote elevation of privilege vulnerability exists in System Server in Android. An attacker can exploit this vulnerability with a...

9.3CVSS8.1AI score0.0415EPSS
Exploits2References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.3 views

Android system_server Privilege Acquisition Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which System Server is a system server. A privilege acquisition vulnerability exists in systemserver in versions of Android prior to 2016-10-05 on Nexus-based devices. An...

7.8CVSS7.1AI score0.00407EPSS
Exploits0References1
exploitpack
exploitpack
added 2016/10/12 12:0 a.m.11 views

Google Android - Binder Generic ASLR Leak

Google Android - Binder Generic ASLR Leak Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=889 The interaction between the kernel /dev/binder and the usermode Parcel.cpp mean that when a binder object is passed as BINDERTYPEBINDER or BINDERTYPEWEAKBINDER, a pointer to that object...

0.4AI score
Exploits0
OSV
OSV
added 2016/10/10 10:59 a.m.2 views

CVE-2016-6674

systemserver in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380...

7.8CVSS5.8AI score0.00407EPSS
Exploits0References2
OSV
OSV
added 2016/10/10 10:59 a.m.3 views

UBUNTU-CVE-2016-6674

systemserver in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380...

7.8CVSS7.2AI score0.00407EPSS
Exploits0References3
OSV
OSV
added 2016/04/18 12:59 a.m.5 views

CVE-2016-2412

include/core/SkPostConfig.h in Skia, as used in Systemserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or...

7.8CVSS7.3AI score0.00473EPSS
Exploits0References2
OSV
OSV
added 2016/04/18 12:59 a.m.5 views

UBUNTU-CVE-2016-2412

include/core/SkPostConfig.h in Skia, as used in Systemserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or...

7.8CVSS7.1AI score0.00473EPSS
Exploits0References4
CNVD
CNVD
added 2016/04/07 12:0 a.m.21 views

Android System Server Module Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which System Server is a system server. An elevation of privilege vulnerability exists in the System Server module of Android. A local attacker can exploit this vulnerability t...

9.3CVSS7.6AI score0.00473EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/03/11 12:0 a.m.7 views

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the System Server component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information through a specially created application...

4.3CVSS5.5AI score0.0043EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/03/11 12:0 a.m.9 views

The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information or enhance their privileges

The vulnerability of the System Server component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information or enhance their privileges through a specially...

4.3CVSS5.5AI score0.0043EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/01/19 12:0 a.m.7 views

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system’s DNS server relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through specially crafted requests from a remote location...

9.3CVSS6AI score0.29614EPSS
Exploits0References2
CNVD
CNVD
added 2015/12/10 12:0 a.m.5 views

Android System Server Information Disclosure Vulnerability (CNVD-2015-08051)

Android is a cell phone operating system based on the Linux open kernel. A security vulnerability exists in the implementation of System Server in versions prior to Android 6.0 2015-12-01, which can be exploited by a remote attacker to gain access to sensitive information via a constructed...

4.3CVSS6.6AI score0.0043EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/10 12:0 a.m.4 views

Android System Server Information Disclosure Vulnerability

Android is a cell phone operating system based on the Linux open kernel. Versions of System Server prior to Android 6.0 2015-12-01 have a security vulnerability in their implementation, which can be exploited by a remote attacker to gain access to sensitive information and then elevate privileges...

4.3CVSS6.7AI score0.0043EPSS
Exploits0References1
NVD
NVD
added 2015/12/08 11:59 p.m.15 views

CVE-2015-6625

System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information and consequently gain privileges via a crafted application, aka internal bug 23936840...

4.3CVSS6AI score0.0043EPSS
Exploits0References1
NVD
NVD
added 2015/12/08 11:59 p.m.17 views

CVE-2015-6624

System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23999740...

4.3CVSS5.9AI score0.0043EPSS
Exploits0References1
Prion
Prion
added 2015/12/08 11:59 p.m.15 views

Code injection

System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23999740...

4.3CVSS6.4AI score0.0043EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/12/08 11:0 p.m.25 views

CVE-2015-6625

System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information and consequently gain privileges via a crafted application, aka internal bug 23936840...

6AI score0.0043EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/12/08 11:0 p.m.20 views

CVE-2015-6624

System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23999740...

5.9AI score0.0043EPSS
Exploits0References1
CVE
CVE
added 2015/12/08 11:0 p.m.44 views

CVE-2015-6624

CVE-2015-6624 affects Android 6.0 and earlier builds; System Server information disclosure allows a crafted application to obtain sensitive permissions (Signature or SignatureOrSystem). The vulnerability is described as a local information-disclosure in System Server, enabling access to restricte...

4.3CVSS6AI score0.0043EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder