4323 matches found
CVE-2016-8455
CVE-2016-8455 describes an elevation of privilege in the Broadcom Wi‑Fi driver affecting Android devices using kernel 3.10 (notably Nexus 6P). A local malicious application could execute arbitrary code in the kernel after compromising a privileged process. The connected documents confirm the issu...
CVE-2016-8426
CVE-2016-8426 affects the NVIDIA GPU driver on Android (kernel-3.10). It is an elevation-of-privilege vulnerability that could let a local malicious app execute arbitrary code in kernel context, potentially causing a local permanent device compromise. The NVD entry cites CVSSv3: LOCAL access, hig...
CVE-2016-8422
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2016-8423
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2016-6785
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10...
Privilege escalation
An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...
DEBIAN-CVE-2016-6762
An elevation of privilege vulnerability in the libziparchive library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...
CVE-2016-6775
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
Firejail Local Code Execution Vulnerability
Firejail is a set of SUID programs written in C that reduces the risk of security vulnerabilities by restricting the operating environment of untrusted applications using Linux namespaces and seccomp-bpf, a sandboxing mechanism. A local code execution vulnerability exists in Firejail. A local...
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution Exploit
Exploit for linux platform in category local exploits Both of these issues were reported to the Apport maintainers and a fix was released on 2016-12-14. The CrashDB code injection issue can be tracked with CVE-2016-9949 and the path traversal bug with CVE-2016-9950. An additional problem where...
CVE-2016-6848
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
CVE-2016-6848
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
Design/Logic Flaw
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...
CVE-2016-6706
An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...
UBUNTU-CVE-2016-6706
An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...
Symantec VIP Access Desktop Local Code Execution Vulnerability
Symantec VIP Access Desktop is a set of online account security protection software from Symantec Symantec. A local code execution vulnerability exists in Symantec VIP Access Desktop versions prior to 2.2.3, which arises from the program failing to filter user-submitted input. A local attacker...
CVE-2016-6737
An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...
CVE-2016-6736
An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...
CVE-2016-6707
An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local...
CVE-2016-6700
An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to the possibility of ...