ScottyBauer

32 exploits Active since Apr 2015
CVE-2017-11014 GITHUB HIGH c WORKING POC
Google Android - Buffer Overflow
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur.
682 stars
CVSS 7.8
CVE-2018-9355 GITHUB CRITICAL c WORKING POC
Google Android - Out-of-Bounds Write
In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74016921.
682 stars
CVSS 9.8
CVE-2017-11013 GITHUB HIGH c WORKING POC
Google Android - Buffer Overflow
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound".
682 stars
CVSS 7.8
CVE-2015-0572 GITHUB HIGH c WORKING POC
Linux Kernel < 3.19.8 - Race Condition
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call.
682 stars
CVSS 7.0
CVE-2016-0822 GITHUB HIGH c WORKING POC
Android 6.0.1 - Privilege Escalation
The MediaTek connectivity kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application that leverages conn_launcher access, aka internal bug 25873324.
682 stars
CVSS 7.0
CVE-2016-2061 GITHUB HIGH c WORKING POC
Linux kernel 3.x - Privilege Escalation
Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call.
682 stars
CVSS 7.8
CVE-2016-2445 GITHUB HIGH c WORKING POC
Google Android < 6.0.1 - Access Control
The NVIDIA media driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27253079.
682 stars
CVSS 7.0
CVE-2016-2465 GITHUB HIGH c WORKING POC
Qualcomm video driver - Privilege Escalation
The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865.
682 stars
CVSS 7.8
CVE-2016-2469 GITHUB HIGH c WORKING POC
Qualcomm sound driver - Privilege Escalation
The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992.
682 stars
CVSS 7.8
CVE-2016-2474 GITHUB HIGH c WORKING POC
Qualcomm Wi-Fi driver - Privilege Escalation
The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603.
682 stars
CVSS 7.8
CVE-2016-2501 GITHUB HIGH c WORKING POC
Google Android < 6.0.1 - Access Control
The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Qualcomm internal bug CR1001092.
682 stars
CVSS 7.8
CVE-2016-3794 GITHUB c WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-3814. Reason: This candidate is a reservation duplicate of CVE-2016-3814. Notes: All CVE users should reference CVE-2016-3814 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
682 stars
CVE-2016-3797 GITHUB HIGH c WORKING POC
Qualcomm Wi-Fi Driver - Privilege Escalation
The Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085680 and Qualcomm internal bug CR1001450.
682 stars
CVSS 7.8
CVE-2016-3813 GITHUB MEDIUM c WORKING POC
Qualcomm USB driver - Info Disclosure
The Qualcomm USB driver in Android before 2016-07-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28172322 and Qualcomm internal bug CR1010222.
682 stars
CVSS 5.5
CVE-2016-3815 GITHUB MEDIUM c WORKING POC
NVIDIA Camera Driver - Info Disclosure
The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28522274.
682 stars
CVSS 5.5
CVE-2016-3867 GITHUB HIGH c WORKING POC
Qualcomm IPA Driver - Privilege Escalation
The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897.
682 stars
CVSS 7.8
CVE-2016-3868 GITHUB HIGH c WORKING POC
Android <2016-09-05 - Privilege Escalation
The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28967028 and Qualcomm internal bug CR1032875.
682 stars
CVSS 7.8
CVE-2016-3893 GITHUB MEDIUM c WORKING POC
Qualcomm sound codec - Info Disclosure
The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29512527 and Qualcomm internal bug CR856400.
682 stars
CVSS 5.5
CVE-2016-3902 GITHUB MEDIUM c WORKING POC
Qualcomm IPA <2016-10-05 - Info Disclosure
drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm internal bug CR 1044072.
682 stars
CVSS 5.5
CVE-2016-3928 GITHUB HIGH c WORKING POC
Android <2016-10-05 - Privilege Escalation
The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384.
682 stars
CVSS 7.8
CVE-2016-3937 GITHUB HIGH c WORKING POC
Android <2016-10-05 - Privilege Escalation
The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30030994 and MediaTek internal bug ALPS02834874.
682 stars
CVSS 7.8
CVE-2017-0451 GITHUB MEDIUM c WORKING POC
Google Android < 7.1.1 - Information Disclosure
An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31796345. References: QC-CR#1073129.
682 stars
CVSS 4.7
CVE-2017-0504 GITHUB HIGH c WORKING POC
Android - Privilege Escalation
An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30074628. References: M-ALPS02829371.
682 stars
CVSS 7.8
CVE-2017-0516 GITHUB HIGH c WORKING POC
Android Kernel <3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32341680. References: QC-CR#1096301.
682 stars
CVSS 7.0
CVE-2017-0518 GITHUB HIGH c WORKING POC
Android Kernel 3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Qualcomm fingerprint sensor driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32370896. References: QC-CR#1086530.
682 stars
CVSS 7.0