Lucene search
K

4323 matches found

CVE
CVE
added 2017/01/12 8:0 p.m.51 views

CVE-2016-8455

CVE-2016-8455 describes an elevation of privilege in the Broadcom Wi‑Fi driver affecting Android devices using kernel 3.10 (notably Nexus 6P). A local malicious application could execute arbitrary code in the kernel after compromising a privileged process. The connected documents confirm the issu...

9.3CVSS6.9AI score0.0149EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/01/12 8:0 p.m.48 views

CVE-2016-8426

CVE-2016-8426 affects the NVIDIA GPU driver on Android (kernel-3.10). It is an elevation-of-privilege vulnerability that could let a local malicious app execute arbitrary code in kernel context, potentially causing a local permanent device compromise. The NVD entry cites CVSSv3: LOCAL access, hig...

9.3CVSS7.4AI score0.01619EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/01/12 8:0 p.m.22 views

CVE-2016-8422

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

7.5AI score0.00601EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/01/12 8:0 p.m.22 views

CVE-2016-8423

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

7.5AI score0.00601EPSS
Exploits0References2
NVD
NVD
added 2017/01/12 3:59 p.m.13 views

CVE-2016-6785

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10...

9.3CVSS6.4AI score0.0136EPSS
Exploits0References2
Prion
Prion
added 2017/01/12 3:59 p.m.25 views

Privilege escalation

An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

9.3CVSS7.3AI score0.01606EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/01/12 3:59 p.m.4 views

DEBIAN-CVE-2016-6762

An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

7.8CVSS7.7AI score0.00801EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/01/12 3:0 p.m.26 views

CVE-2016-6775

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

7.5AI score0.0179EPSS
Exploits0References3
CNVD
CNVD
added 2017/01/09 12:0 a.m.1 views

Firejail Local Code Execution Vulnerability

Firejail is a set of SUID programs written in C that reduces the risk of security vulnerabilities by restricting the operating environment of untrusted applications using Linux namespaces and seccomp-bpf, a sandboxing mechanism. A local code execution vulnerability exists in Firejail. A local...

8.8CVSS8.8AI score0.00742EPSS
Exploits0References1
0day.today
0day.today
added 2016/12/19 12:0 a.m.80 views

Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit

Exploit for linux platform in category local exploits Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where...

9.3CVSS6.8AI score0.17726EPSS
Exploits8
OSV
OSV
added 2016/12/15 6:59 a.m.5 views

CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

5.5CVSS5.8AI score0.00435EPSS
Exploits0References2
NVD
NVD
added 2016/12/15 6:59 a.m.20 views

CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

5.5CVSS5.7AI score0.00435EPSS
Exploits0References2
Prion
Prion
added 2016/12/15 6:59 a.m.17 views

Design/Logic Flaw

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

1.9CVSS7.4AI score0.00435EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/12/13 7:59 p.m.7 views

CVE-2016-6706

An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...

7.8CVSS7.5AI score0.00749EPSS
Exploits0References3
OSV
OSV
added 2016/12/13 7:59 p.m.3 views

UBUNTU-CVE-2016-6706

An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...

7.8CVSS7.6AI score0.00749EPSS
Exploits0References4
CNVD
CNVD
added 2016/12/13 12:0 a.m.5 views

Symantec VIP Access Desktop Local Code Execution Vulnerability

Symantec VIP Access Desktop is a set of online account security protection software from Symantec Symantec. A local code execution vulnerability exists in Symantec VIP Access Desktop versions prior to 2.2.3, which arises from the program failing to filter user-submitted input. A local attacker...

7.8CVSS7.7AI score0.00807EPSS
Exploits2References1
OSV
OSV
added 2016/11/25 4:59 p.m.4 views

CVE-2016-6737

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...

7.8CVSS7.6AI score0.00649EPSS
Exploits0References2
OSV
OSV
added 2016/11/25 4:59 p.m.5 views

CVE-2016-6736

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...

7.8CVSS7.6AI score0.00649EPSS
Exploits0References2
OSV
OSV
added 2016/11/25 4:59 p.m.3 views

CVE-2016-6707

An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local...

7.8CVSS6.1AI score
Exploits0References5
OSV
OSV
added 2016/11/25 4:59 p.m.3 views

CVE-2016-6700

An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to the possibility of ...

7.8CVSS7.6AI score0.00836EPSS
Exploits1References2
Rows per page
Query Builder