|
251951
|
5.5 |
MEDIUM
Local
|
google
|
android
|
While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14872
|
2024-11-21 12:13 |
2018-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251952
|
8.8 |
HIGH
Network
|
sierrawireless
|
gx440_firmware
es440_firmware
ls300_firmware
gx400_firmware
es450_firmware
rv50_firmware
rv50x_firmware
mp70_firmware
mp70e_firmware
gx450_firmware
|
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.5 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9 could allo…
|
CWE-20
Improper Input Validation
|
CVE-2017-15043
|
2024-11-21 12:13 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251953
|
4.8 |
MEDIUM
Network
|
genixcms
|
genixcms
|
Cross-site scripting (XSS) vulnerability in GeniXCMS 1.1.0 allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14740
|
2024-11-21 12:13 |
2018-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251954
|
9.1 |
CRITICAL
Network
|
agentejo
|
cockpit
|
SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued ah…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-14611
|
2024-11-21 12:13 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251955
|
7.3 |
HIGH
Network
|
google
|
android
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vd…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14894
|
2024-11-21 12:13 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251956
|
7.3 |
HIGH
Network
|
google
|
android
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14890
|
2024-11-21 12:13 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251957
|
7.8 |
HIGH
Local
|
google
|
android
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing m…
|
CWE-362
Race Condition
|
CVE-2017-14880
|
2024-11-21 12:13 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251958
|
7.8 |
HIGH
Local
|
google
|
android
|
In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading t…
|
CWE-20
Improper Input Validation
|
CVE-2017-14892
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251959
|
5.3 |
MEDIUM
Network
|
google
|
android
|
In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable.
|
CWE-200
Information Exposure
|
CVE-2017-14891
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251960
|
9.8 |
CRITICAL
Network
|
google
|
android
|
While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.
|
CWE-416
Use After Free
|
CVE-2017-14881
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
