Lucene search

K

48 matches found

CVE
CVE
added 2017/03/07 9:59 p.m.165 views

CVE-2016-10200

Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/...

7CVSS6.8AI score0.00029EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.60 views

CVE-2017-0523

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Andro...

7.6CVSS6.7AI score0.00056EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.58 views

CVE-2017-0477

A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Prod...

7.8CVSS7.6AI score0.00321EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.54 views

CVE-2017-0467

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.52 views

CVE-2017-0475

An elevation of privilege vulnerability in the recovery verifier could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the ope...

9.3CVSS7.2AI score0.00111EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.48 views

CVE-2017-0509

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

9.3CVSS7.2AI score0.0006EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.47 views

CVE-2017-0482

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3309...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.47 views

CVE-2017-0492

An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or ...

5.5CVSS5.4AI score0.00084EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.47 views

CVE-2017-0498

A denial of service vulnerability in Setup Wizard could allow a local attacker to require Google account sign-in after a factory reset. This issue is rated as Moderate because it may require a factory reset to repair the device. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID:...

5.5CVSS5.3AI score0.00023EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.46 views

CVE-2017-0466

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.45 views

CVE-2017-0484

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3329...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.44 views

CVE-2017-0470

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.44 views

CVE-2017-0473

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.44 views

CVE-2017-0494

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6....

5.5CVSS5.1AI score0.00205EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.44 views

CVE-2017-0506

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...

9.3CVSS7.3AI score0.00064EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.44 views

CVE-2017-0532

An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Androi...

4.7CVSS4.3AI score0.00125EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.43 views

CVE-2017-0472

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.43 views

CVE-2017-0502

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...

9.3CVSS7.3AI score0.00064EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.42 views

CVE-2017-0474

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.02868EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.42 views

CVE-2017-0481

An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-par...

9.3CVSS7.2AI score0.0006EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.42 views

CVE-2017-0517

An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: ...

7.6CVSS6.6AI score0.00064EPSS
CVE
CVE
added 2017/03/20 4:59 p.m.41 views

CVE-2016-5857

The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140.

7.8CVSS6.9AI score0.00027EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0469

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0476

A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execution within the context of an unprivileged process...

7.8CVSS7.5AI score0.00321EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0479

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.2AI score0.00064EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0491

An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. This issue is rated as Moderate because it is a local bypass of user interaction requirements. Product: An...

5.5CVSS5.4AI score0.00072EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.41 views

CVE-2017-0495

An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1...

5.5CVSS4.9AI score0.00125EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0483

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Andr...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0496

A denial of service vulnerability in Setup Wizard could allow a local malicious application to temporarily block access to an affected device. This issue is rated as Moderate because it may require a factory reset to repair the device. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1. Android I...

5.5CVSS5.2AI score0.00086EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0499

A denial of service vulnerability in Audioserver could enable a local malicious application to cause a device hang or reboot. This issue is rated as Low due to the possibility of a temporary denial of service. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32095713.

7.1CVSS5.2AI score0.00091EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0500

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...

9.3CVSS7.3AI score0.00064EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0501

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...

9.3CVSS7.3AI score0.00064EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0504

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...

9.3CVSS7.3AI score0.00112EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.40 views

CVE-2017-0505

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...

9.3CVSS7.3AI score0.03779EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.39 views

CVE-2017-0480

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

9.3CVSS7.2AI score0.00069EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.39 views

CVE-2017-0485

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3338...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.39 views

CVE-2017-0490

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. This issue is rated as Moderate because it is a local bypass of user interaction requirements that would normally require either user initiation or user permission. Product: Android. Ver...

5.5CVSS5.4AI score0.00095EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.38 views

CVE-2017-0487

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3375...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.38 views

CVE-2017-0489

An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. This issue is rated as Moderate because it could be used to generate inaccurate data. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0...

5.5CVSS5.5AI score0.00107EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.38 views

CVE-2017-0497

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33300701.

5.4CVSS4.9AI score0.00147EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.38 views

CVE-2017-0503

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical du...

9.3CVSS7.3AI score0.00216EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0468

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0478

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the...

7.8CVSS7.5AI score0.06463EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0486

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3362...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.37 views

CVE-2017-0529

An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A....

5.5CVSS4.9AI score0.00125EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.36 views

CVE-2017-0488

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-3409...

7.1CVSS5.4AI score0.00284EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.36 views

CVE-2017-0522

An elevation of privilege vulnerability in a MediaTek APK could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High due to the possibility of local arbitrary code execution in a privileged process. Product: Android. ...

9.3CVSS7.2AI score0.00061EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.35 views

CVE-2017-0471

A remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver proces...

9.3CVSS7.6AI score0.00316EPSS