Jake Corina

#10437de 53,633
26.5CVSS total
Vulnerabilidades · 4
Baixa
1
Alta
3
PT-2020-3429
8.8
2020-05-19
Google · Google Chrome · CVE-2020-6468
**Nome do software vulnerável e versões afetadas** Versões do Google Chrome anteriores à 83.0.4103.61 **Descrição** O problema está relacionado a uma confusão de tipos no motor JavaScript V8, permitindo que um invasor remoto possa explorar uma corrupção de heap por meio de uma página HTML maliciosa. Isso poderia permitir que o invasor acessasse dados confidenciais, comprometesse a integridade dos dados e causasse uma negação de serviço. **Recomendações** Para versões anteriores à 83.0.4103.61, atualize para a versão 83.0.4103.61 ou posterior para resolver o problema. Como solução temporária, considere restringir o acesso a páginas HTML potencialmente maliciosas para minimizar o risco de exploração.
PT-2017-13984
2.3
2017-12-22
Huawei · Honor 8 · CVE-2017-15307
**Name of the Vulnerable Software and Affected Versions** Huawei Honor 8 smartphone versions earlier than FRD-L04C567B389 Huawei Honor 8 smartphone versions earlier than FRD-L14C567B389 **Description** The issue is related to improper authorization configuration on specific device information, leading to a permission control problem. **Recommendations** For versions earlier than FRD-L04C567B389, update to a version later than FRD-L04C567B389. For versions earlier than FRD-L14C567B389, update to a version later than FRD-L14C567B389.
PT-2017-10649
7.8
2017-09-08
Mediatek · Mediatek Kernel · CVE-2017-0802
**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to an elevation of privilege vulnerability in the MediaTek kernel, affecting Android products. **Recommendations** For Android kernel, apply the fix referenced by Android ID: A-36232120 to resolve the issue.
PT-2017-2306
7.6
2017-06-14
Google · Android · CVE-2017-0636
**Name of the Vulnerable Software and Affected Versions** Android (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the MediaTek command queue driver. It could allow a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. The vulnerability is associated with insufficient access control in the MediaTek driver. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.