|
266791
|
6.2 |
MEDIUM
Local
|
google
|
android
|
The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider negative size values in font data, which allows remote attackers to cause a…
|
CWE-20
Improper Input Validation
|
CVE-2016-2414
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266792
|
7.8 |
HIGH
Local
|
google
|
android
|
media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a handle pointer, which allows attackers to gain privileges via…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2413
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266793
|
7.8 |
HIGH
Local
|
google
|
android
|
include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2412
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266794
|
6.5 |
MEDIUM
Local
|
google
|
android
|
A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053.
|
CWE-20
Improper Input Validation
|
CVE-2016-2411
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266795
|
7.4 |
HIGH
Local
|
google
|
android
|
A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka inte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2410
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266796
|
8.1 |
HIGH
Network
|
google
|
android
|
A Texas Instruments (TI) haptic kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2409
|
2024-11-21 11:48 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266797
|
5.3 |
MEDIUM
Network
|
magento
|
magento
|
The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition before 1.14.2.3 and Magento Community Edition before 1.…
|
CWE-200
Information Exposure
|
CVE-2016-2212
|
2024-11-21 11:48 |
2016-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266798
|
8.8 |
HIGH
Network
|
cacti
opensuse
|
cacti
leap
opensuse
|
auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2313
|
2024-11-21 11:48 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266799
|
6.5 |
MEDIUM
Network
|
python_imaging_project
python
debian
|
python_imaging
pillow
debian_linux
|
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2533
|
2024-11-21 11:48 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266800
|
7.5 |
HIGH
Network
|
hawk_project
|
hawk
|
Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service (CPU consumption or partial outage) via a long (1) header or (2) URI that is matched against an improper reg…
|
CWE-399
Resource Management Errors
|
CVE-2016-2515
|
2024-11-21 11:48 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
