|
264841
|
7.0 |
HIGH
Local
|
google
|
android
|
drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5868
|
2024-11-21 11:55 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264842
|
7.3 |
HIGH
Network
|
automatedlogic
carrier
|
i-vu
sitescan_web
automatedlogic_webctrl
|
An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker cou…
|
CWE-611
XXE
|
CVE-2016-5795
|
2024-11-21 11:55 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264843
|
7.5 |
HIGH
Network
|
westermo
|
mrd-305-din_firmware
mrd-315-din_firmware
mrd-355-din_firmware
mrd-455-din_firmware
|
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded privat…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2016-5816
|
2024-11-21 11:55 |
2017-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264844
|
5.3 |
MEDIUM
Network
|
redhat
|
jboss_enterprise_application_platform
|
Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to remote attackers.
|
CWE-200
Information Exposure
|
CVE-2016-6311
|
2024-11-21 11:55 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264845
|
5.5 |
MEDIUM
Local
|
redhat
|
enterprise_virtualization
|
oVirt Engine discloses the ENGINE_HTTPS_PKI_TRUST_STORE_PASSWORD in /var/log/ovirt-engine/engine.log file in RHEV before 4.0.
|
CWE-200
Information Exposure
|
CVE-2016-6310
|
2024-11-21 11:55 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264846
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.
|
CWE-20
Improper Input Validation
|
CVE-2016-5872
|
2024-11-21 11:55 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264847
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow to buffer overflow vulnerability exists when loading an image file.
|
CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Integer Overflow or Wraparound
|
CVE-2016-5871
|
2024-11-21 11:55 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264848
|
7.0 |
HIGH
Local
|
google
|
android
|
In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5867
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264849
|
7.8 |
HIGH
Local
|
google
|
android
|
In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overfl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5864
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264850
|
7.8 |
HIGH
Local
|
google
|
android
|
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5863
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
