Total
2592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11014 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur. | |||||
| CVE-2017-11013 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound". | |||||
| CVE-2017-11003 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size. | |||||
| CVE-2017-0782 | 1 Google | 1 Android | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237. | |||||
| CVE-2017-0767 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407. | |||||
| CVE-2017-0614 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399405. References: QC-CR#1080290. | |||||
| CVE-2017-0594 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444. | |||||
| CVE-2017-0520 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750232. References: QC-CR#1082636. | |||||
| CVE-2017-0481 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33434992. | |||||
| CVE-2017-0465 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747. | |||||
| CVE-2017-0442 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32871330. References: QC-CR#1092497. | |||||
| CVE-2017-0441 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32872662. References: QC-CR#1095009. | |||||
| CVE-2017-0440 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33252788. References: QC-CR#1095770. | |||||
| CVE-2017-0439 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32450647. References: QC-CR#1092059. | |||||
| CVE-2017-0438 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402604. References: QC-CR#1092497. | |||||
| CVE-2017-0437 | 2 Google, Linux | 2 Android, Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402310. References: QC-CR#1092497. | |||||
| CVE-2017-0327 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.6 HIGH | 7.0 HIGH |
| An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33893669. References: N-CVE-2017-0327. | |||||
| CVE-2017-0306 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. References: N-CVE-2017-0306. | |||||
| CVE-2017-0296 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows TDX Elevation of Privilege Vulnerability". | |||||
| CVE-2017-0176 | 1 Microsoft | 2 Windows Server 2003, Windows Xp | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled. | |||||