|
246861
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Anyone can execute proptrigger.sh which will lead to change in properties.
|
CWE-269
Improper Privilege Management
|
CVE-2018-11965
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246862
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-11964
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246863
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in ca…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11963
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246864
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11961
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246865
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition can occur in the SPS driver which can lead to error in kernel.
|
CWE-416
Use After Free
|
CVE-2018-11960
|
2024-11-21 12:44 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246866
|
6.5 |
MEDIUM
Network
|
apache
|
oozie
|
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.
|
CWE-20
Improper Input Validation
|
CVE-2018-11799
|
2024-11-21 12:44 |
2018-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246867
|
5.5 |
MEDIUM
Local
|
intel
|
quickassist_technology_for_linux
|
Improper configuration of hardware access in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12206
|
2024-11-21 12:44 |
2018-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246868
|
4.2 |
MEDIUM
Physics
|
avantimarkets
|
market_card
|
A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Cu…
|
CWE-200
Information Exposure
|
CVE-2018-12076
|
2024-11-21 12:44 |
2018-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246869
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11905
|
2024-11-21 12:44 |
2018-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246870
|
5.5 |
MEDIUM
Local
|
intel
|
integrated_performance_primitives
|
Data leakage in cryptographic libraries for Intel IPP before 2019 update1 release may allow an authenticated user to potentially enable information disclosure via local access.
|
CWE-200
Information Exposure
|
CVE-2018-12155
|
2024-11-21 12:44 |
2018-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
