|
278581
|
7.5 |
HIGH
Network
|
jasypt_project
|
jasypt
|
jasypt before 1.9.2 allows a timing attack against the password hash comparison.
|
CWE-200
Information Exposure
|
CVE-2014-9970
|
2024-11-21 11:22 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278582
|
7.8 |
HIGH
Local
|
google
|
android
|
In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9937
|
2024-11-21 11:22 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278583
|
7.0 |
HIGH
Local
|
google
|
android
|
In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.
|
CWE-362
Race Condition
|
CVE-2014-9936
|
2024-11-21 11:22 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278584
|
7.8 |
HIGH
Local
|
google
|
android
|
In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2014-9935
|
2024-11-21 11:22 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278585
|
7.8 |
HIGH
Local
|
google
|
android
|
A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding.
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2014-9934
|
2024-11-21 11:22 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278586
|
7.8 |
HIGH
Local
|
google
|
android
|
Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access.
|
CWE-20
Improper Input Validation
|
CVE-2014-9933
|
2024-11-21 11:22 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278587
|
7.8 |
HIGH
Local
|
google
|
android
|
In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2014-9932
|
2024-11-21 11:22 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278588
|
7.8 |
HIGH
Local
|
google
|
android
|
A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9931
|
2024-11-21 11:22 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278589
|
7.0 |
HIGH
Local
|
linux
google
|
linux_kernel
android
|
The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted appl…
|
CWE-416
Use After Free
|
CVE-2014-9940
|
2024-11-21 11:22 |
2017-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278590
|
6.5 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
maximo_for_utilities
maximo_for_nuclear_power
tivoli_service_request_manager
change_and_configuration_management_database
tivoli_asset_management_for_it
maxi…
|
IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Sol…
|
CWE-22
Path Traversal
|
CVE-2015-0107
|
2024-11-21 11:22 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
