|
246561
|
6.1 |
MEDIUM
Network
|
symantec
|
security_analytics
|
The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP…
|
CWE-79
Cross-site Scripting
|
CVE-2018-12241
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246562
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper te…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11995
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246563
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a p…
|
NVD-CWE-noinfo
|
CVE-2018-11956
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246564
|
6.5 |
MEDIUM
Adjacent
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, the UPnP daemon should not be running out of box because it enables port forwarding without …
|
NVD-CWE-noinfo
|
CVE-2018-11946
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246565
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing fastboot flash command, memory leak or unexpected behavior may occur due to…
|
CWE-665
Improper Initialization
|
CVE-2018-11943
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246566
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a potential heap overflow and memory corruption due to improper error handling in S…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11919
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246567
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated is automatically released by the kernel if the 'probe' function fails with …
|
CWE-415
Double Free
|
CVE-2018-11918
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246568
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /systemrw/ whi…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-11914
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246569
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of dev nodes may lead to potential security issue.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-11913
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246570
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of daemons may lead to unprivileged access.
|
CWE-269
Improper Privilege Management
|
CVE-2018-11912
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
