|
254821
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, untrusted pointer dereference in update_userspace_power() function in power leads to in…
|
CWE-200
CWE-476
Information Exposure
NULL Pointer Dereference
|
CVE-2017-15833
|
2024-11-21 12:15 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254822
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_ndp_end_indication_event_handler(), there is no input validation ch…
|
CWE-20
CWE-190
Improper Input Validation
Integer Overflow or Wraparound
|
CVE-2017-15831
|
2024-11-21 12:15 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254823
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper ch_list array index initialization in function sme_set_plm_request() causes po…
|
CWE-119
CWE-129
Incorrect Access of Indexable Resource ('Range Error')
Improper Validation of Array Index
|
CVE-2017-15830
|
2024-11-21 12:15 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254824
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in msm_flash_subdev_do_ioctl of drivers/media/platform/msm/camera_v2/sensor/flash/msm_f…
|
CWE-200
CWE-125
Information Exposure
Out-of-bounds Read
|
CVE-2017-15814
|
2024-11-21 12:15 |
2018-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254825
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_p2p_noa_event_handler(), there is no bound check on a value coming …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15821
|
2024-11-21 12:15 |
2018-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254826
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15815
|
2024-11-21 12:15 |
2018-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254827
|
6.1 |
MEDIUM
Network
|
wicket-jquery-ui_project
|
wicket-jquery-ui
|
In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to …
|
CWE-79
Cross-site Scripting
|
CVE-2017-15719
|
2024-11-21 12:15 |
2018-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254828
|
7.5 |
HIGH
Network
|
apache
|
geode
|
In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. Certain cluster operations and API invocations cause these objects to be deserialized. A user with DATA:…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-15693
|
2024-11-21 12:15 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254829
|
9.8 |
CRITICAL
Network
|
apache
|
geode
|
In Apache Geode before v1.4.0, the TcpServer within the Geode locator opens a network port that deserializes data. If an unprivileged user gains access to the Geode locator, they may be able to cause…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-15692
|
2024-11-21 12:15 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254830
|
7.5 |
HIGH
Network
|
apache
|
geode
|
When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains …
|
CWE-200
Information Exposure
|
CVE-2017-15696
|
2024-11-21 12:15 |
2018-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
