|
265781
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls…
|
CWE-20
Improper Input Validation
|
CVE-2016-11046
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265782
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 (May 2016).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-11045
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265783
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. The check of an application's signature can be bypassed during installation. The Sams…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2016-11044
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265784
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) software. The S/MIME implementation in EAS uses DES (where 3DES is intended). The Samsung ID is SVE-2016-5871 (June 2016).
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-11043
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265785
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 (June 2016).
|
CWE-287
Improper Authentication
|
CVE-2016-11042
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265786
|
4.6 |
MEDIUM
Physics
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016).
|
CWE-287
Improper Authentication
|
CVE-2016-11041
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265787
|
9.8 |
CRITICAL
Network
|
odata4j_project
|
odata4j
|
odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
|
CWE-89
SQL Injection
|
CVE-2016-11024
|
2024-11-21 11:45 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265788
|
9.8 |
CRITICAL
Network
|
odata4j_project
|
odata4j
|
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
|
CWE-89
SQL Injection
|
CVE-2016-11023
|
2024-11-21 11:45 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265789
|
7.2 |
HIGH
Network
|
netgear
|
prosafe_wc9500_firmware
prosafe_wc7600_firmware
prosafe_wc7520_firmware
|
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login…
|
CWE-78
OS Command
|
CVE-2016-11022
|
2024-11-21 11:45 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265790
|
6.5 |
MEDIUM
Network
|
zohocorp
|
manageengine_password_manager_pro
|
In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service.
|
CWE-200
Information Exposure
|
CVE-2016-1159
|
2024-11-21 11:45 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
