|
268431
|
9.8 |
CRITICAL
Network
|
google
|
android
|
Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmi_qos_srvc.c. Android ID: 31805216. References: QC CR#912775.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-8411
|
2024-11-21 11:59 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268432
|
7.8 |
HIGH
Local
|
libbpg_project
|
libbpg
|
An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causin…
|
CWE-787
Out-of-bounds Write
|
CVE-2016-8710
|
2024-11-21 11:59 |
2017-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268433
|
7.8 |
HIGH
Local
|
lenovo
|
transition
|
Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges.
|
CWE-284
Improper Access Control
|
CVE-2016-8227
|
2024-11-21 11:59 |
2017-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268434
|
4.9 |
MEDIUM
Network
|
lenovo
|
system_x3650_m5_bios
flex_system_x280_m6_bios
system_x3500_m5_bios
flex_system_x240_m5_bios
system_x3250_m6_bios
system_x3550_m5_bios
flex_system_x880_x6_bios
nextscale_nx360_m5_…
|
The BIOS in Lenovo System X M5, M6, and X6 systems allows administrators to cause a denial of service via updating a UEFI data structure.
|
CWE-19
Data Processing Errors
|
CVE-2016-8226
|
2024-11-21 11:59 |
2017-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268435
|
7.8 |
HIGH
Local
|
lenovo
|
edge_keyboard_driver
slim_usb_keyboard_driver
|
Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.
|
CWE-428
Unquoted Search Path or Element
|
CVE-2016-8225
|
2024-11-21 11:59 |
2017-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268436
|
6.1 |
MEDIUM
Network
|
emc
|
rsa_security_analytics
|
EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a Reflected Cross-Site Scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.
|
CWE-79
Cross-site Scripting
|
CVE-2016-8215
|
2024-11-21 11:59 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268437
|
6.7 |
MEDIUM
Local
|
emc
|
avamar_virtual_edition
avamar_data_store
|
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3.0 and 7.3.1 contain a vulnerability that may allow malicious administrators to compromise Avamar servers.
|
CWE-275
Permission Issues
|
CVE-2016-8214
|
2024-11-21 11:59 |
2017-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268438
|
6.1 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_peopletools
|
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Mobile Application Platform). Supported versions that are affected are 8.54 and 8.55. Eas…
|
CWE-254
7PK - Security Features
|
CVE-2016-8329
|
2024-11-21 11:59 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268439
|
3.7 |
LOW
Network
|
oracle
|
jre
jdk
|
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unau…
|
NVD-CWE-noinfo
|
CVE-2016-8328
|
2024-11-21 11:59 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268440
|
4.4 |
MEDIUM
Network
|
oracle
|
mysql
|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to explo…
|
NVD-CWE-noinfo
|
CVE-2016-8327
|
2024-11-21 11:59 |
2017-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
