codecat007

166 exploits Active since May 2014
CVE-2016-0844 GITHUB HIGH c WORKING POC
Qualcomm RF driver <2016-04-01 - Privilege Escalation
The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug 26324307.
8 stars
CVSS 8.4
CVE-2016-10285 GITHUB HIGH c WORKING POC
Linux Kernel - Access Control
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. References: QC-CR#1104899.
8 stars
CVSS 7.0
CVE-2016-10288 GITHUB HIGH c WORKING POC
Linux Kernel - Access Control
An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33863909. References: QC-CR#1109763.
8 stars
CVSS 7.0
CVE-2016-10290 GITHUB HIGH c WORKING POC
Linux Kernel - Access Control
An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33898330. References: QC-CR#1109782.
8 stars
CVSS 7.0
CVE-2016-10294 GITHUB MEDIUM c WORKING POC
Linux Kernel - Information Disclosure
An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33621829. References: QC-CR#1105481.
8 stars
CVSS 4.7
CVE-2016-10295 GITHUB MEDIUM c WORKING POC
Linux Kernel - Information Disclosure
An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33781694. References: QC-CR#1109326.
8 stars
CVSS 4.7
CVE-2016-10296 GITHUB MEDIUM c WORKING POC
Linux Kernel - Information Disclosure
An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33845464. References: QC-CR#1109782.
8 stars
CVSS 4.7
CVE-2016-3865 GITHUB HIGH c WORKING POC
Synaptics touchscreen driver <2016-09-05 - Privilege Escalation
The Synaptics touchscreen driver in Android before 2016-09-05 on Nexus 5X and 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28799389.
8 stars
CVSS 7.8
CVE-2016-3867 GITHUB HIGH c WORKING POC
Qualcomm IPA Driver - Privilege Escalation
The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897.
8 stars
CVSS 7.8
CVE-2016-3869 GITHUB HIGH c WORKING POC
Broadcom Wi-Fi driver - Privilege Escalation
The Broadcom Wi-Fi driver in Android before 2016-09-05 on Nexus 5, Nexus 6, Nexus 6P, Nexus 9, Nexus Player, and Pixel C devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29009982 and Broadcom internal bug RB#96070.
8 stars
CVSS 7.8
CVE-2016-3906 GITHUB MEDIUM c WORKING POC
Android <2016-11-05 - Info Disclosure
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30445973. References: Qualcomm QC-CR#1054344.
8 stars
CVSS 5.5
CVE-2016-6725 GITHUB CRITICAL c STUB
Google Android < 7.0 - Improper Access Control
A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Android ID: A-30515053. References: Qualcomm QC-CR#1050970.
8 stars
CVSS 9.8
CVE-2016-6738 GITHUB HIGH c WORKING POC
Google Android < 7.1.0 - Access Control
An elevation of privilege vulnerability in the Qualcomm crypto engine driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30034511. References: Qualcomm QC-CR#1050538.
8 stars
CVSS 7.8
CVE-2016-6740 GITHUB HIGH c STUB
Google Android < 7.1.0 - Access Control
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30143904. References: Qualcomm QC-CR#1056307.
8 stars
CVSS 7.8
CVE-2016-6741 GITHUB HIGH c STUB
Google Android < 7.1.0 - Access Control
An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30559423. References: Qualcomm QC-CR#1060554.
8 stars
CVSS 7.8
CVE-2016-6742 GITHUB HIGH c WORKING POC
Google Android < 7.0 - Access Control
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30799828.
8 stars
CVSS 7.8
CVE-2016-6744 GITHUB HIGH c WORKING POC
Google Android < 7.0 - Access Control
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30970485.
8 stars
CVSS 7.8
CVE-2016-6745 GITHUB HIGH c WORKING POC
Google Android < 7.1.0 - Access Control
An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-31252388.
8 stars
CVSS 7.8
CVE-2016-8464 GITHUB HIGH c WORKING POC
Android Kernel 3.10/3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29000183. References: B-RB#106314.
8 stars
CVSS 7.0
CVE-2017-0329 GITHUB HIGH c WORKING POC
Android Kernel <3.18 - Privilege Escalation
An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.18. Android ID:A-34115304. References: N-CVE-2017-0329.
8 stars
CVSS 7.0
CVE-2017-0332 GITHUB HIGH c STUB
Linux Kernel - Out-of-Bounds Write
An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33812508. References: N-CVE-2017-0332.
8 stars
CVSS 7.0
CVE-2017-0432 GITHUB HIGH c WORKING POC
Android Kernel 3.10 - Privilege Escalation
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-28332719.
8 stars
CVSS 7.0
CVE-2017-0434 GITHUB HIGH c WORKING POC
Android Kernel 3.18 - Privilege Escalation
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33001936.
8 stars
CVSS 7.0
CVE-2017-0446 GITHUB HIGH c WORKING POC
Android Kernel 3.18 - Privilege Escalation
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32917445.
8 stars
CVSS 7.0
CVE-2017-13281 GITHUB CRITICAL c WORKING POC
Google Android - Memory Corruption
In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-71603262.
8 stars
CVSS 9.8