|
248001
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ whi…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-11907
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248002
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a security concern with default privileged access to ADB and debug-fs.
|
CWE-276
Incorrect Default Permissions
|
CVE-2018-11906
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248003
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, freeing device memory in driver probe failure will result in double free issue in power modu…
|
CWE-415
Double Free
|
CVE-2018-11823
|
2024-11-21 12:44 |
2018-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248004
|
4.2 |
MEDIUM
Physics
|
samsung
|
840_evo_firmware
|
An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-12038
|
2024-11-21 12:44 |
2018-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248005
|
4.0 |
MEDIUM
Physics
|
samsung
micron
|
840_evo_firmware
850_evo_firmware
t3_firmware
t5_firmware
crucial_mx100_firmware
crucial_mx200_firmware
crucial_mx300_firmware
|
An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX…
|
NVD-CWE-noinfo
|
CVE-2018-12037
|
2024-11-21 12:44 |
2018-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248006
|
7.8 |
HIGH
Local
|
intel
|
parallel_studio_xe
|
Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12174
|
2024-11-21 12:44 |
2018-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248007
|
8.1 |
HIGH
Network
|
apache
|
hive
|
In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is not in use.
|
NVD-CWE-noinfo
|
CVE-2018-11777
|
2024-11-21 12:44 |
2018-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248008
|
7.8 |
HIGH
Local
|
qualcomm
|
sd_835_firmware
sd_845_firmware
sd_850_firmware
sda660_firmware
|
Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11884
|
2024-11-21 12:44 |
2018-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248009
|
7.8 |
HIGH
Local
|
qualcomm
|
sd_835_firmware
sd_845_firmware
sd_850_firmware
sda660_firmware
|
Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11882
|
2024-11-21 12:44 |
2018-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248010
|
7.8 |
HIGH
Local
|
qualcomm
|
sd_835_firmware
sd_845_firmware
sd_850_firmware
sda660_firmware
|
Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11880
|
2024-11-21 12:44 |
2018-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
