|
267251
|
5.5 |
MEDIUM
Local
|
google
|
android
|
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sen…
|
CWE-200
Information Exposure
|
CVE-2016-2415
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267252
|
6.2 |
MEDIUM
Local
|
google
|
android
|
The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider negative size values in font data, which allows remote attackers to cause a…
|
CWE-20
Improper Input Validation
|
CVE-2016-2414
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267253
|
7.8 |
HIGH
Local
|
google
|
android
|
media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a handle pointer, which allows attackers to gain privileges via…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2413
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267254
|
7.8 |
HIGH
Local
|
google
|
android
|
include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2412
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267255
|
6.5 |
MEDIUM
Local
|
google
|
android
|
A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053.
|
CWE-20
Improper Input Validation
|
CVE-2016-2411
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267256
|
7.4 |
HIGH
Local
|
google
|
android
|
A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka inte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2410
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267257
|
8.1 |
HIGH
Network
|
google
|
android
|
A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2409
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267258
|
5.3 |
MEDIUM
Network
|
magento
|
magento
|
The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.…
|
CWE-200
Information Exposure
|
CVE-2016-2212
|
2024-11-21 11:48 |
2016-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267259
|
8.8 |
HIGH
Network
|
cacti
opensuse
|
cacti
leap
opensuse
|
auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2313
|
2024-11-21 11:48 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267260
|
6.5 |
MEDIUM
Network
|
python_imaging_project
python
debian
|
python_imaging
pillow
debian_linux
|
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2533
|
2024-11-21 11:48 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
