|
264851
|
7.0 |
HIGH
Local
|
google
|
android
|
When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5862
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264852
|
8.8 |
HIGH
Adjacent
|
google
|
android
|
In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5861
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264853
|
7.0 |
HIGH
Local
|
google
|
android
|
In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a h…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5860
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264854
|
7.0 |
HIGH
Local
|
google
|
android
|
In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a bu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5859
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264855
|
4.7 |
MEDIUM
Local
|
google
|
android
|
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.
|
CWE-200
Information Exposure
|
CVE-2016-5858
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264856
|
4.7 |
MEDIUM
Local
|
google
|
android
|
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough.
|
CWE-200
Information Exposure
|
CVE-2016-5855
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264857
|
4.7 |
MEDIUM
Local
|
google
|
android
|
In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace.
|
CWE-200
Information Exposure
|
CVE-2016-5854
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264858
|
7.0 |
HIGH
Local
|
google
|
android
|
In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5853
|
2024-11-21 11:55 |
2017-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264859
|
5.9 |
MEDIUM
Network
|
ibm
|
emptoris_strategic_supply_management
|
IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.…
|
CWE-200
Information Exposure
|
CVE-2016-6029
|
2024-11-21 11:55 |
2017-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264860
|
5.4 |
MEDIUM
Network
|
ibm
|
emptoris_strategic_supply_management
|
IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering t…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6021
|
2024-11-21 11:55 |
2017-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
