|
253081
|
4.8 |
MEDIUM
Network
|
genixcms
|
genixcms
|
Cross-site scripting (XSS) vulnerability in GeniXCMS 1.1.0 allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14740
|
2024-11-21 12:13 |
2018-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253082
|
9.1 |
CRITICAL
Network
|
agentejo
|
cockpit
|
SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued ah…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-14611
|
2024-11-21 12:13 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253083
|
7.3 |
HIGH
Network
|
google
|
android
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vd…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14894
|
2024-11-21 12:13 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253084
|
7.3 |
HIGH
Network
|
google
|
android
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14890
|
2024-11-21 12:13 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253085
|
7.8 |
HIGH
Local
|
google
|
android
|
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing m…
|
CWE-362
Race Condition
|
CVE-2017-14880
|
2024-11-21 12:13 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253086
|
7.8 |
HIGH
Local
|
google
|
android
|
In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading t…
|
CWE-20
Improper Input Validation
|
CVE-2017-14892
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253087
|
5.3 |
MEDIUM
Network
|
google
|
android
|
In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable.
|
CWE-200
Information Exposure
|
CVE-2017-14891
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253088
|
9.8 |
CRITICAL
Network
|
google
|
android
|
While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.
|
CWE-416
Use After Free
|
CVE-2017-14881
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253089
|
9.8 |
CRITICAL
Network
|
google
|
android
|
While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. If one thread sends an ioctl cm…
|
CWE-416
Use After Free
|
CVE-2017-14877
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253090
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the F…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14883
|
2024-11-21 12:13 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
