Total
5279 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9955 | 1 Google | 1 Android | 2018-05-08 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384686. | |||||
| CVE-2016-10230 | 1 Google | 1 Android | 2018-05-04 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions: Android kernel. Android ID: A-34389927. References: QC-CR#1091408. | |||||
| CVE-2016-10231 | 1 Google | 1 Android | 2018-05-04 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Qualcomm sound codec driver. Product: Android. Versions: Android kernel. Android ID: A-33966912. References: QC-CR#1096799. | |||||
| CVE-2016-10232 | 1 Google | 1 Android | 2018-05-04 | 9.3 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34386696. References: QC-CR#1024872. | |||||
| CVE-2016-10233 | 1 Google | 1 Android | 2018-05-04 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-34389926. References: QC-CR#897452. | |||||
| CVE-2016-10299 | 1 Google | 1 Android | 2018-05-04 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32577244. | |||||
| CVE-2016-10298 | 1 Google | 1 Android | 2018-05-04 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393252. | |||||
| CVE-2016-8484 | 1 Google | 1 Android | 2018-05-04 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823575. | |||||
| CVE-2016-8487 | 1 Google | 1 Android | 2018-05-04 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823724. | |||||
| CVE-2016-8488 | 1 Google | 1 Android | 2018-05-04 | 10.0 HIGH | 9.8 CRITICAL |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-31625756. | |||||
| CVE-2015-9015 | 1 Google | 1 Android | 2018-05-04 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714120. | |||||
| CVE-2015-9016 | 1 Google | 1 Android | 2018-05-02 | 6.9 MEDIUM | 7.0 HIGH |
| In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046. | |||||
| CVE-2016-10457 | 1 Qualcomm | 52 Mdm9206, Mdm9206 Firmware, Mdm9607 and 49 more | 2018-05-02 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, app is requesting more permissions than required. | |||||
| CVE-2016-10451 | 1 Qualcomm | 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more | 2018-05-02 | 7.2 HIGH | 7.8 HIGH |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, privilege escalation may occur due to inherently insecure treatment of local files. | |||||
| CVE-2013-2929 | 1 Linux | 1 Linux Kernel | 2018-04-27 | 3.3 LOW | N/A |
| The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. | |||||
| CVE-2014-9583 | 2 Asus, T-mobile | 4 Rt-ac66u, Rt-n66u, Wrt Firmware and 1 more | 2018-04-26 | 10.0 HIGH | N/A |
| common.c in infosvr in ASUS WRT firmware 3.0.0.4.376_1071, 3.0.0.376.2524-g0013f52, and other versions, as used in RT-AC66U, RT-N66U, and other routers, does not properly check the MAC address for a request, which allows remote attackers to bypass authentication and execute arbitrary commands via a NET_CMD_ID_MANU_CMD packet to UDP port 9999. NOTE: this issue was incorrectly mapped to CVE-2014-10000, but that ID is invalid due to its use as an example of the 2014 CVE ID syntax change. | |||||
| CVE-2014-5443 | 1 Seafile | 1 Seafile Server | 2018-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Seafile Server before 3.1.2 and Server Professional Edition before 3.1.0 allow local users to gain privileges via vectors related to ccnet handling user accounts. | |||||
| CVE-2013-1768 | 1 Apache | 1 Openjpa | 2018-04-19 | 7.5 HIGH | N/A |
| The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs. | |||||
| CVE-2016-7786 | 1 Sophos | 2 Cyberoam Cr25ing Utm, Cyberoam Cr25ing Utm Firmware | 2018-04-18 | 9.0 HIGH | 8.8 HIGH |
| Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 allows remote authenticated users to bypass intended access restrictions via direct object reference, as demonstrated by a request for Licenseinformation.jsp. This is fixed in 10.6.5. | |||||
| CVE-2016-8482 | 1 Google | 1 Android | 2018-04-17 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482. | |||||