|
267891
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with JBP(4.2) and KK(4.4) (Marvell chipsets) software. The ACIPC-MSOCKET driver allows local privilege escalation via a stack-based buffer overflow. …
|
CWE-787
Out-of-bounds Write
|
CVE-2016-11047
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267892
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls…
|
CWE-20
Improper Input Validation
|
CVE-2016-11046
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267893
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 (May 2016).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-11045
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267894
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. The check of an application's signature can be bypassed during installation. The Sams…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2016-11044
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267895
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) software. The S/MIME implementation in EAS uses DES (where 3DES is intended). The Samsung ID is SVE-2016-5871 (June 2016).
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-11043
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267896
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 (June 2016).
|
CWE-287
Improper Authentication
|
CVE-2016-11042
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267897
|
4.6 |
MEDIUM
Physics
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016).
|
CWE-287
Improper Authentication
|
CVE-2016-11041
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267898
|
9.8 |
CRITICAL
Network
|
odata4j_project
|
odata4j
|
odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
|
CWE-89
SQL Injection
|
CVE-2016-11024
|
2024-11-21 11:45 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267899
|
9.8 |
CRITICAL
Network
|
odata4j_project
|
odata4j
|
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
|
CWE-89
SQL Injection
|
CVE-2016-11023
|
2024-11-21 11:45 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267900
|
7.2 |
HIGH
Network
|
netgear
|
prosafe_wc9500_firmware
prosafe_wc7600_firmware
prosafe_wc7520_firmware
|
NETGEAR Prosafe WC9500 5.1.0.17, WC7600 5.1.0.17, and WC7520 2.5.0.35 devices allow a remote attacker to execute code with root privileges via shell metacharacters in the reqMethod parameter to login…
|
CWE-78
OS Command
|
CVE-2016-11022
|
2024-11-21 11:45 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
