RSS   Vulnerabilities for 'Android'   RSS

2017-12-27
 
CVE-2015-7889

CWE-275
 

 
The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent.

 
2017-12-06
 
CVE-2017-6276

CWE-416
 

 
NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android: A-63802421. References: N-CVE-2017-6276.

 
 
CVE-2017-6263

CWE-416
 

 
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to improper usage of the list_for_each kernel macro which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID: A-38046353. References: N-CVE-2017-6263.

 
 
CVE-2017-6262

CWE-416
 

 
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID: A-38045794. References: N-CVE-2017-6262.

 
 
CVE-2017-13175

CWE-200
 

 
An information disclosure vulnerability in the NVIDIA libwilhelm. Product: Android. Versions: Android kernel. Android ID A-64339309. References: N-CVE-2017-13175.

 
 
CVE-2017-13174

CWE-264
 

 
An elevation of privilege vulnerability in the kernel edl. Product: Android. Versions: Android kernel. Android ID A-63100473.

 
 
CVE-2017-13173

CWE-264
 

 
An elevation of privilege vulnerability in the MediaTek system server. Product: Android. Versions: Android kernel. Android ID A-28067350. References: M-ALPS02672361.

 
 
CVE-2017-13172

CWE-264
 

 
An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791.

 
 
CVE-2017-13171

CWE-264
 

 
An elevation of privilege vulnerability in the MediaTek performance service. Product: Android. Versions: Android kernel. Android ID A-64316572. References: M-ALPS03479086.

 
 
CVE-2017-13170

CWE-264
 

 
An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280.

 


Copyright 2018, cxsecurity.com

 

Back to Top