|
267181
|
7.8 |
HIGH
Local
|
google
|
android
|
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2432
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267182
|
7.8 |
HIGH
Local
|
google
|
android
|
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2431
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267183
|
7.8 |
HIGH
Local
|
google
|
android
|
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to gain privileges via an application containin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2430
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267184
|
9.8 |
CRITICAL
Network
|
google
|
android
|
libFLAC/stream_decoder.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not prevent free operations on uninitialized memory, which …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2429
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267185
|
9.8 |
CRITICAL
Network
|
google
|
android
|
libAACdec/src/aacdec_drc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2428
|
2024-11-21 11:48 |
2016-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267186
|
7.8 |
HIGH
Local
|
accellion
|
file_transfer_appliance
|
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key to an arbitrary group, and consequently gain privileges, via unspecified vectors.
|
CWE-264
NVD-CWE-Other
Permissions, Privileges, and Access Controls
|
CVE-2016-2353
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267187
|
8.8 |
HIGH
Network
|
accellion
|
file_transfer_appliance
|
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to execute arbitrary commands by leveraging the YUM_CLIENT restricted-user role.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2352
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267188
|
9.8 |
CRITICAL
Network
|
accellion
|
file_transfer_appliance
|
SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2016-2351
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267189
|
6.1 |
MEDIUM
Network
|
accellion
|
file_transfer_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allow remote attackers to inject arbitrary web script or HTML via unspecified inp…
|
CWE-79
Cross-site Scripting
|
CVE-2016-2350
|
2024-11-21 11:48 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267190
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
|
CWE-269
Improper Privilege Management
|
CVE-2016-2854
|
2024-11-21 11:48 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
