|
246521
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to e…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11986
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246522
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to i…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-11985
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246523
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition and an out-of-bounds access can occur in the DIAG driver.
|
CWE-416
Use After Free
|
CVE-2018-11984
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246524
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Error in kernel observed while accessing freed mask pointers after reallocating memory for m…
|
CWE-416
Use After Free
|
CVE-2018-11983
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246525
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Anyone can execute proptrigger.sh which will lead to change in properties.
|
CWE-269
Improper Privilege Management
|
CVE-2018-11965
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246526
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-11964
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246527
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in ca…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11963
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246528
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11961
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246529
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition can occur in the SPS driver which can lead to error in kernel.
|
CWE-416
Use After Free
|
CVE-2018-11960
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246530
|
6.5 |
MEDIUM
Network
|
apache
|
oozie
|
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.
|
CWE-20
Improper Input Validation
|
CVE-2018-11799
|
2024-11-21 12:44 |
2018-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
