Skip to main content
CVE-2017-0527 HIGH PATCH This Week

An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0526 HIGH PATCH This Week

An elevation of privilege vulnerability in the HTC Sensor Hub Driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0524 HIGH PATCH This Week

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0519 HIGH This Week

An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0457 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0456 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0463 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0525 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0520 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Qualcomm Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0464 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0460 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm networking driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0458 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0453 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Google Qualcomm Memory Corruption +1
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2016-8417 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Privilege Escalation Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0521 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Qualcomm Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0518 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0516 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2017-0517 HIGH PATCH This Week

An elevation of privilege vulnerability in the MediaTek hardware sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

RCE Google Mediatek Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0523 HIGH PATCH This Week

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm RCE Google Linux Kernel Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-0488 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0487 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0486 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0485 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0484 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0483 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0482 MEDIUM This Month

A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-8483 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2017-0336 MEDIUM PATCH This Month

An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nvidia Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-0334 MEDIUM PATCH This Month

An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nvidia Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-0494 MEDIUM This Month

An information disclosure vulnerability in AOSP Messaging could enable a remote attacker using a special crafted file to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2017-0529 MEDIUM PATCH This Month

An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Mediatek Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0495 MEDIUM This Month

An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0489 MEDIUM This Month

An elevation of privilege vulnerability in Location Manager could enable a local malicious application to bypass operating system protections for location data. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0490 MEDIUM This Month

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to delete user data. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0499 MEDIUM This Month

A denial of service vulnerability in Audioserver could enable a local malicious application to cause a device hang or reboot. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0496 MEDIUM PATCH This Month

A denial of service vulnerability in Setup Wizard could allow a local malicious application to temporarily block access to an affected device. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0492 MEDIUM This Month

An elevation of privilege vulnerability in the System UI could enable a local malicious application to create a UI overlay covering the entire screen. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Google Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-0491 MEDIUM This Month

An elevation of privilege vulnerability in Package Manager could enable a local malicious application to prevent users from uninstalling applications or removing permissions from applications. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-9985 MEDIUM PATCH This Month

IBM Cognos Server 10.1.1 and 10.2 stores highly sensitive information in log files that could be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Cognos Business Intelligence
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2017-0498 MEDIUM This Month

A denial of service vulnerability in Setup Wizard could allow a local attacker to require Google account sign-in after a factory reset. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2016-9006 MEDIUM This Month

IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Urbancode Deploy
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-5894 MEDIUM PATCH This Month

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Websphere Commerce
NVD
CVSS 3.0
5.1
EPSS
0.1%
CVE-2017-0537 MEDIUM PATCH This Month

An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0534 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0533 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0531 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0461 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2017-0459 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2016-8413 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
CVE-2016-8477 MEDIUM PATCH This Month

An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Linux Kernel
NVD
CVSS 3.0
4.7
EPSS
0.3%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy