|
254831
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly vali…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-15862
|
2024-11-21 12:15 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254832
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without val…
|
CWE-129
Improper Validation of Array Index
|
CVE-2017-15861
|
2024-11-21 12:15 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254833
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur.
|
CWE-843
Type Confusion
|
CVE-2017-15860
|
2024-11-21 12:15 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254834
|
7.0 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition.
|
CWE-362
Race Condition
|
CVE-2017-15829
|
2024-11-21 12:15 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254835
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a KGSL IOCTL handler, a Use After Free Condition can potentially occur.
|
CWE-416
Use After Free
|
CVE-2017-15820
|
2024-11-21 12:15 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254836
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentia…
|
CWE-20
Improper Input Validation
|
CVE-2017-15817
|
2024-11-21 12:15 |
2018-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254837
|
6.5 |
MEDIUM
Network
|
apache
|
oozie
|
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file contain…
|
CWE-22
Path Traversal
|
CVE-2017-15712
|
2024-11-21 12:15 |
2018-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254838
|
6.5 |
MEDIUM
Network
|
apache
|
qpid_dispatch
|
A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Q…
|
CWE-20
Improper Input Validation
|
CVE-2017-15699
|
2024-11-21 12:15 |
2018-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254839
|
3.7 |
LOW
Network
|
apache
|
activemq
|
When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.
|
CWE-200
Information Exposure
|
CVE-2017-15709
|
2024-11-21 12:15 |
2018-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254840
|
8.8 |
HIGH
Network
|
borgbackup
|
borg
|
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3.
|
NVD-CWE-noinfo
|
CVE-2017-15914
|
2024-11-21 12:15 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
