|
265951
|
7.8 |
HIGH
Local
|
google
|
android
|
In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10238
|
2024-11-21 11:43 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265952
|
7.8 |
HIGH
Local
|
google
|
android
|
If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not …
|
CWE-284
Improper Access Control
|
CVE-2016-10237
|
2024-11-21 11:43 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265953
|
7.5 |
HIGH
Network
|
synology
|
photo_station
|
Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.
|
CWE-22
Path Traversal
|
CVE-2016-10331
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265954
|
7.1 |
HIGH
Local
|
synology
|
photo_station
|
Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2016-10330
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265955
|
9.8 |
CRITICAL
Network
|
synology
|
photo_station
|
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' he…
|
CWE-77
Command Injection
|
CVE-2016-10329
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265956
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderat…
|
CWE-200
Information Exposure
|
CVE-2016-10296
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265957
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because …
|
CWE-200
Information Exposure
|
CVE-2016-10295
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265958
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus…
|
CWE-200
Information Exposure
|
CVE-2016-10294
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265959
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate becaus…
|
CWE-200
Information Exposure
|
CVE-2016-10293
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265960
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. This issue is rated as High due to the possibilit…
|
CWE-399
Resource Management Errors
|
CVE-2016-10292
|
2024-11-21 11:43 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
