Vulnerabilities > Google > Android > 4.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-29 | CVE-2017-3750 | Unspecified vulnerability in Google Android On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749. | 6.9 |
2017-06-29 | CVE-2017-3749 | Unspecified vulnerability in Google Android On Lenovo VIBE mobile phones, the Idea Friend Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3750. | 6.9 |
2017-06-29 | CVE-2017-3748 | Local Privilege Escalation vulnerability in Lenovo VIBE Mobile On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device). | 7.2 |
2017-06-27 | CVE-2015-3840 | Improper Access Control vulnerability in Google Android The MessageStatusReceiver service in the AndroidManifest.XML in Android 5.1.1 and earlier allows local users to alter sent/received statuses of SMS and MMS messages without the associated "WRITE_SMS" permission. | 2.1 |
2017-05-12 | CVE-2017-0625 | Information Exposure vulnerability in Google Android An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. | 4.3 |
2017-05-12 | CVE-2017-0620 | Improper Input Validation vulnerability in multiple products An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-05-12 | CVE-2017-0619 | Privilege Escalation vulnerability in Google Android Qualcomm Pin Controller Driver An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-05-12 | CVE-2017-0618 | Privilege Escalation vulnerability in Google Android Mediatek Command Queue Driver An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-05-12 | CVE-2017-0617 | Privilege Escalation vulnerability in Google Android Mediatek Video Driver An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |
2017-05-12 | CVE-2017-0616 | Privilege Escalation vulnerability in Google Android Mediatek Driver An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.6 |