chengjia4574

32 exploits Active since Feb 2016
CVE-2016-0805 GITHUB HIGH c WORKING POC
Android <4.4.4, <5.1.1 LMY49G, <2016-02-01 - Privilege Escalation
The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.
8 stars
CVSS 8.4
CVE-2016-0844 GITHUB HIGH c WORKING POC
Qualcomm RF driver <2016-04-01 - Privilege Escalation
The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug 26324307.
8 stars
CVSS 8.4
CVE-2016-10285 GITHUB HIGH c WORKING POC
Linux Kernel - Elevation of Privilege in Qualcomm Video Driver
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. References: QC-CR#1104899.
8 stars
CVSS 7.0
CVE-2016-10288 GITHUB HIGH c WORKING POC
Linux Kernel 3.18 - Local Privilege Escalation via Qualcomm LED Driver
An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33863909. References: QC-CR#1109763.
8 stars
CVSS 7.0
CVE-2016-10290 GITHUB HIGH c WORKING POC
Linux Kernel - Elevation of Privilege in Qualcomm Shared Memory Driver
An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33898330. References: QC-CR#1109782.
8 stars
CVSS 7.0
CVE-2016-10294 GITHUB MEDIUM c WORKING POC
Linux Kernel - Information Disclosure in Qualcomm Power Driver
An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33621829. References: QC-CR#1105481.
8 stars
CVSS 4.7
CVE-2016-10295 GITHUB MEDIUM c WORKING POC
Linux Kernel - Information Disclosure in Qualcomm LED Driver
An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33781694. References: QC-CR#1109326.
8 stars
CVSS 4.7
CVE-2016-10296 GITHUB MEDIUM c WORKING POC
Linux Kernel - Information Disclosure via Qualcomm Shared Memory Driver
An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33845464. References: QC-CR#1109782.
8 stars
CVSS 4.7
CVE-2016-6725 GITHUB CRITICAL c STUB
Android < 7.0 - Remote Code Execution in Qualcomm Crypto Driver
A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Android ID: A-30515053. References: Qualcomm QC-CR#1050970.
8 stars
CVSS 9.8
CVE-2016-6740 GITHUB HIGH c STUB
Android < 7.1.0 - Elevation of Privilege via Qualcomm Camera Driver
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30143904. References: Qualcomm QC-CR#1056307.
8 stars
CVSS 7.8
CVE-2016-6741 GITHUB HIGH c STUB
Android < 7.1.0 - Elevation of Privilege in Qualcomm Camera Driver
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30559423. References: Qualcomm QC-CR#1060554.
8 stars
CVSS 7.8
CVE-2016-6744 GITHUB HIGH c WORKING POC
Android < 7.0 - Elevation of Privilege in Synaptics Touchscreen Driver
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30970485.
8 stars
CVSS 7.8
CVE-2016-8464 GITHUB HIGH c WORKING POC
Android Kernel 3.10/3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29000183. References: B-RB#106314.
8 stars
CVSS 7.0
CVE-2017-0332 GITHUB HIGH c STUB
Linux Kernel - Out-of-bounds Write in NVIDIA Crypto Driver
An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33812508. References: N-CVE-2017-0332.
8 stars
CVSS 7.0
CVE-2017-0432 GITHUB HIGH c WORKING POC
Android Kernel 3.10 - Privilege Escalation
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-28332719.
8 stars
CVSS 7.0
CVE-2017-0434 GITHUB HIGH c WORKING POC
Android Kernel 3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33001936.
8 stars
CVSS 7.0
CVE-2017-0446 GITHUB HIGH c WORKING POC
Android Kernel 3.18 - Privilege Escalation
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32917445.
8 stars
CVSS 7.0
CVE-2017-0447 GITHUB HIGH c WORKING POC
Android Kernel 3.18 - Privilege Escalation
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32919560.
8 stars
CVSS 7.0
CVE-2017-0524 GITHUB HIGH c WORKING POC
Android Kernel <3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33002026.
8 stars
CVSS 7.0
CVE-2017-0536 GITHUB MEDIUM c WORKING POC
Linux Kernel - Information Disclosure in Synaptics Touchscreen Driver
An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33555878.
8 stars
CVSS 4.7
CVE-2017-0624 GITHUB MEDIUM c WORKING POC
Android Kernel 3.10/3.18 - Info Disclosure
An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34327795. References: QC-CR#2005832.
8 stars
CVSS 5.5
CVE-2017-0744 GITHUB MEDIUM c WRITEUP
Android - Elevation of Privilege in NVIDIA Firmware Processing Code
An elevation of privilege vulnerability in the NVIDIA firmware processing code. Product: Android. Versions: Android kernel. Android ID: A-34112726. References: N-CVE-2017-0744.
8 stars
CVSS 5.3
CVE-2017-10997 GITHUB HIGH c WORKING POC
Android < 8.0 - Memory Corruption via PCIe Register Debugfs Write
In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory.
8 stars
CVSS 7.8
CVE-2017-6426 GITHUB LOW c WORKING POC
Android - Information Disclosure in Qualcomm SPMI Driver
An information disclosure vulnerability in the Qualcomm SPMI driver. Product: Android. Versions: Android kernel. Android ID: A-33644474. References: QC-CR#1106842.
8 stars
CVSS 3.3
CVE-2017-8243 GITHUB HIGH c WORKING POC
Qualcomm MSM and QRD Android - Buffer Overflow in Firmware Image Processing
A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file.
8 stars
CVSS 7.8