|
266721
|
7.8 |
HIGH
Local
|
google
|
android
|
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2431
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266722
|
7.8 |
HIGH
Local
|
google
|
android
|
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2430
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266723
|
9.8 |
CRITICAL
Network
|
google
|
android
|
libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2429
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266724
|
9.8 |
CRITICAL
Network
|
google
|
android
|
libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2428
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266725
|
7.8 |
HIGH
Local
|
accellion
|
file_transfer_appliance
|
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key to an arbitrary group, and consequently gain privileges, via unspecified vectors.
|
CWE-264
NVD-CWE-Other
Permissions, Privileges, and Access Controls
|
CVE-2016-2353
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266726
|
8.8 |
HIGH
Network
|
accellion
|
file_transfer_appliance
|
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to execute arbitrary commands by leveraging the YUM_CLIENT restricted-user role.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2352
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266727
|
9.8 |
CRITICAL
Network
|
accellion
|
file_transfer_appliance
|
SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2016-2351
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266728
|
6.1 |
MEDIUM
Network
|
accellion
|
file_transfer_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allow remote attackers to inject arbitrary web script or HTML via unspecified inp…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2350
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266729
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
|
CWE-269
Improper Privilege Management
|
CVE-2016-2854
|
2024-11-21 11:48 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266730
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem…
|
CWE-269
Improper Privilege Management
|
CVE-2016-2853
|
2024-11-21 11:48 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
