Gengjia Chen

9 exploits Active since Oct 2016
CVE-2016-3906 GITHUB MEDIUM c WORKING POC
Android <2016-11-05 - Info Disclosure
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30445973. References: Qualcomm QC-CR#1054344.
8 stars
CVSS 5.5
CVE-2016-6738 GITHUB HIGH c WORKING POC
Google Android < 7.1.0 - Access Control
An elevation of privilege vulnerability in the Qualcomm crypto engine driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30034511. References: Qualcomm QC-CR#1050538.
8 stars
CVSS 7.8
CVE-2016-6742 GITHUB HIGH c WORKING POC
Google Android < 7.0 - Access Control
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30799828.
8 stars
CVSS 7.8
CVE-2016-6745 GITHUB HIGH c WORKING POC
Google Android < 7.1.0 - Access Control
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-31252388.
8 stars
CVSS 7.8
CVE-2016-3935 GITHUB HIGH c WORKING POC
Qualcomm cryptographic engine driver - Privilege Escalation
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999665 and Qualcomm internal bug CR 1046507.
8 stars
CVSS 7.8
CVE-2016-3901 GITHUB HIGH c WORKING POC
Qualcomm cryptographic engine driver - Privilege Escalation
Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999161 and Qualcomm internal bug CR 1046434.
8 stars
CVSS 7.8
CVE-2016-3940 GITHUB HIGH c WORKING POC
Synaptics touchscreen - Privilege Escalation
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 6P and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 30141991.
8 stars
CVSS 7.8
CVE-2016-6672 GITHUB HIGH c WORKING POC
Google Android < 7.0 - Access Control
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088.
8 stars
CVSS 7.8
CVE-2016-6690 GITHUB MEDIUM c WORKING POC
Google Android < 7.0 - Improper Access Control
The sound driver in the kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Nexus Player devices allows attackers to cause a denial of service (reboot) via a crafted application, aka internal bug 28838221.
8 stars
CVSS 5.5