|
265891
|
9.8 |
CRITICAL
Network
|
d-link
|
dir-600l_firmware
|
Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17.B01 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-384
Session Fixation
|
CVE-2016-10405
|
2024-11-21 11:43 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265892
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10392
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265893
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
|
CWE-20
Improper Input Validation
|
CVE-2016-10391
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265894
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, when downloading a file, an excessive amount of memory may be consumed.
|
CWE-399
Resource Management Errors
|
CVE-2016-10390
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265895
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10389
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265896
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.
|
CWE-16
Configuration
|
CVE-2016-10388
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265897
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario.
|
CWE-20
Improper Input Validation
|
CVE-2016-10387
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265898
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
|
CWE-129
Improper Validation of Array Index
|
CVE-2016-10386
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265899
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a use-after-free vulnerability exists in IMS RCS.
|
CWE-416
Use After Free
|
CVE-2016-10385
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265900
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.
|
CWE-20
Improper Input Validation
|
CVE-2016-10384
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
