|
268231
|
7.8 |
HIGH
Local
|
google
|
android
|
Off-by-one error in CORE/HDD/src/wlan_hdd_cfg.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial of …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6676
|
2024-11-21 11:56 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268232
|
7.8 |
HIGH
Local
|
google
|
android
|
Off-by-one error in CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to gain privileges or cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-6675
|
2024-11-21 11:56 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268233
|
7.8 |
HIGH
Local
|
google
|
android
|
system_server in Android before 2016-10-05 on Nexus devices allows attackers to gain privileges via a crafted application, aka internal bug 30445380.
|
CWE-20
Improper Input Validation
|
CVE-2016-6674
|
2024-11-21 11:56 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268234
|
7.8 |
HIGH
Local
|
google
|
android
|
The NVIDIA camera driver in Android before 2016-10-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 30204201.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6673
|
2024-11-21 11:56 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268235
|
7.8 |
HIGH
Local
|
google
|
android
|
The Synaptics touchscreen driver in Android before 2016-10-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 30537088.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-6672
|
2024-11-21 11:56 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268236
|
7.5 |
HIGH
Network
|
pivotal_software
|
cloud_foundry_cf_mysql
|
The MariaDB audit_plugin component in Pivotal Cloud Foundry (PCF) cf-mysql-release 27 and 28 allows remote attackers to obtain sensitive information by reading syslog messages, as demonstrated by cle…
|
CWE-200
Information Exposure
|
CVE-2016-6653
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268237
|
6.1 |
MEDIUM
Network
|
cisco
|
hostscan_engine
|
Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2016-6436
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268238
|
6.5 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
|
CWE-200
Information Exposure
|
CVE-2016-6435
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268239
|
7.8 |
HIGH
Local
|
cisco
|
firepower_management_center
|
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
|
CWE-287
Improper Authentication
|
CVE-2016-6434
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268240
|
8.8 |
HIGH
Network
|
cisco
|
firepower_management_center
|
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug …
|
CWE-20
Improper Input Validation
|
CVE-2016-6433
|
2024-11-21 11:56 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
