|
256021
|
9.6 |
CRITICAL
Network
|
atlassian
|
bamboo
|
It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that …
|
CWE-20
Improper Input Validation
|
CVE-2017-14589
|
2024-11-21 12:13 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256022
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the GPS location wireless interface, a Use After Free condition can occur.
|
CWE-416
Use After Free
|
CVE-2017-14918
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256023
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14917
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256024
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14916
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256025
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.
|
CWE-20
Improper Input Validation
|
CVE-2017-14914
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256026
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated.
|
CWE-20
Improper Input Validation
|
CVE-2017-14909
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256027
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to veri…
|
CWE-20
Improper Input Validation
|
CVE-2017-14908
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256028
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a crafted binder request can cause an arbitrary unmap in MediaServer.
|
CWE-416
Use After Free
|
CVE-2017-14904
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256029
|
7.0 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the GLink kernel driver, a Use After Free condition can pote…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2017-14902
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256030
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while handling the QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND, a userspace buffer is directly…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14897
|
2024-11-21 12:13 |
2017-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
