cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-34725,https://securityvulnerability.io/vulnerability/CVE-2024-34725,Potential Arbitrary Code Execution Vulnerability in Linux Kernel's devicemem_server.c,"The vulnerability in the Android Operating System, specifically located in the 'DevmemIntUnexportCtx' function of 'devicemem_server.c', poses a potential risk of arbitrary code execution due to a race condition. This flaw permits attackers to escalate privileges within the kernel without the need for additional execution rights. Notably, user interaction is not required for the exploit, which increases the vulnerability's potential for impact on device security. Addressing this issue is vital for maintaining the integrity and safety of Android devices across various versions.",Linux,Android,7,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-09T21:15:00.000Z,0
CVE-2017-0564,https://securityvulnerability.io/vulnerability/CVE-2017-0564,,"An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203.",Linux,Android Kernel-3.10 Kernel-3.18,7.8,HIGH,0.0019399999873712659,false,false,false,true,true,false,false,2017-04-07T22:00:00.000Z,0
CVE-2016-8461,https://securityvulnerability.io/vulnerability/CVE-2016-8461,,An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: Kernel-3.18. Android ID: A-32369621.,Linux,Android Kernel-3.18,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2017-01-12T20:00:00.000Z,0
CVE-2016-8424,https://securityvulnerability.io/vulnerability/CVE-2016-8424,,"An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31606947. References: N-CVE-2016-8424.",Linux,Android Kernel-3.10,7.8,HIGH,0.0016700000269338489,false,false,false,false,,false,false,2017-01-12T20:00:00.000Z,0
CVE-2016-8454,https://securityvulnerability.io/vulnerability/CVE-2016-8454,,"An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32174590. References: B-RB#107142.",Linux,Android Kernel-3.10 Kernel-3.18,7,HIGH,0.0007099999929778278,false,false,false,false,,false,false,2017-01-12T20:00:00.000Z,0
CVE-2016-8466,https://securityvulnerability.io/vulnerability/CVE-2016-8466,,"An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31822524. References: B-RB#105268.",Linux,Android Kernel-3.10 Kernel-3.18,7,HIGH,0.0007099999929778278,false,false,false,false,,false,false,2017-01-12T20:00:00.000Z,0
CVE-2016-8404,https://securityvulnerability.io/vulnerability/CVE-2016-8404,,"An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31496950.",Linux,Android Kernel-3.10,4.7,MEDIUM,0.0006600000197067857,false,false,false,false,,false,false,2017-01-12T15:00:00.000Z,0
CVE-2016-6779,https://securityvulnerability.io/vulnerability/CVE-2016-6779,,An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31386004.,Linux,Android Kernel-3.10,7,HIGH,0.0007900000200606883,false,false,false,false,,false,false,2017-01-12T15:00:00.000Z,0
CVE-2016-6790,https://securityvulnerability.io/vulnerability/CVE-2016-6790,,"An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.18. Android ID: A-31251628. References: N-CVE-2016-6790.",Linux,Android Kernel-3.18,7.8,HIGH,0.0007900000200606883,false,false,false,false,,false,false,2017-01-12T15:00:00.000Z,0
CVE-2014-9892,https://securityvulnerability.io/vulnerability/CVE-2014-9892,,"The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717.",Linux,"Linux Kernel,Android",5.5,MEDIUM,0.0007699999841861427,false,false,false,false,,false,false,2016-08-06T10:00:00.000Z,0
CVE-2014-9895,https://securityvulnerability.io/vulnerability/CVE-2014-9895,,"drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28750150 and Qualcomm internal bug CR570757, a different vulnerability than CVE-2014-1739.",Linux,"Linux Kernel,Android",5.5,MEDIUM,0.0006799999973736703,false,false,false,false,,false,false,2016-08-06T10:00:00.000Z,0
CVE-2015-8944,https://securityvulnerability.io/vulnerability/CVE-2015-8944,,"The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka Android internal bug 28814213 and Qualcomm internal bug CR786116. NOTE: the permissions may be intentional in most non-Android contexts.",Linux,"Linux Kernel,Android",5.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2016-08-06T10:00:00.000Z,0
CVE-2014-9870,https://securityvulnerability.io/vulnerability/CVE-2014-9870,,"The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted application, aka Android internal bug 28749743 and Qualcomm internal bug CR561044.",Linux,"Linux Kernel,Android",7.8,HIGH,0.0008099999977275729,false,false,false,false,,false,false,2016-08-06T10:00:00.000Z,0
CVE-2014-9900,https://securityvulnerability.io/vulnerability/CVE-2014-9900,,"The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754.",Linux,"Linux Kernel,Android",5.5,MEDIUM,0.0005699999746866524,false,false,false,false,,false,false,2016-08-06T10:00:00.000Z,0
CVE-2013-2596,https://securityvulnerability.io/vulnerability/CVE-2013-2596,,"Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.",Linux,"Linux Kernel,Android",7.8,HIGH,0.001769999973475933,true,false,false,true,true,false,false,2013-04-13T01:00:00.000Z,0