|
269521
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.
|
CWE-20
Improper Input Validation
|
CVE-2016-10384
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269522
|
8.1 |
HIGH
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI.
|
CWE-362
Race Condition
|
CVE-2016-10383
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269523
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient.
|
CWE-284
Improper Access Control
|
CVE-2016-10382
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269524
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
|
CWE-1
Location
|
CVE-2016-10381
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269525
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
|
CWE-1
Location
|
CVE-2016-10380
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269526
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated.
|
CWE-20
Improper Input Validation
|
CVE-2016-10347
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269527
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-10346
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269528
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in LTE.
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-10344
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269529
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10343
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269530
|
6.1 |
MEDIUM
Network
|
liferay
|
liferay_portal
|
XSS exists in Liferay Portal before 7.0 CE GA4 via a crafted redirect field to modules/apps/foundation/frontend-js/frontend-js-spa-web/src/main/resources/META-INF/resources/init.jsp.
|
CWE-79
Cross-site Scripting
|
CVE-2016-10404
|
2024-11-21 11:43 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
