|
275731
|
7.8 |
HIGH
Local
|
google
|
android
|
An elevation of privilege vulnerability in the Qualcomm sound codec driver. Product: Android. Versions: Android kernel. Android ID: A-33966912. References: QC-CR#1096799.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10231
|
2024-11-21 11:43 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275732
|
9.8 |
CRITICAL
Network
|
google
|
android
|
A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR#1091408.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10230
|
2024-11-21 11:43 |
2018-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275733
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and alloca…
|
CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Integer Overflow or Wraparound
|
CVE-2016-10393
|
2024-11-21 11:43 |
2018-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275734
|
7.2 |
HIGH
Network
|
dotcms
|
dotcms
|
SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via …
|
CWE-89
SQL Injection
|
CVE-2016-10008
|
2024-11-21 11:43 |
2018-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275735
|
7.2 |
HIGH
Network
|
dotcms
|
dotcms
|
SQL injection vulnerability in the "Marketing > Forms" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FOR…
|
CWE-89
SQL Injection
|
CVE-2016-10007
|
2024-11-21 11:43 |
2018-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275736
|
6.1 |
MEDIUM
Network
|
broadcom
|
advanced_secure_gateway
symantec_proxysg
|
The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a ref…
|
CWE-79
Cross-site Scripting
|
CVE-2016-10257
|
2024-11-21 11:43 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275737
|
6.1 |
MEDIUM
Network
|
broadcom
|
symantec_proxysg
|
The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management consol…
|
CWE-79
Cross-site Scripting
|
CVE-2016-10256
|
2024-11-21 11:43 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275738
|
9.8 |
CRITICAL
Network
|
d-link
|
dir-600l_firmware
|
Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) with firmware before FW1.17.B01 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-384
Session Fixation
|
CVE-2016-10405
|
2024-11-21 11:43 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275739
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a driver can potentially leak kernel memory.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-10392
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275740
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.
|
CWE-20
Improper Input Validation
|
CVE-2016-10391
|
2024-11-21 11:43 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
