In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmnet USB control driver can potentially lead to a Use After. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a specially crafted UBI image, it is possible to corrupt memory, or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer overflow can occur in HDMI CEC parsing if frame. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorrect buffer size check has an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffer overflow due to improper bound checking in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memory-access" issue as the Camera CPP module Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
An elevation of privilege vulnerability in the MediaTek soc driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability in the MediaTek ioctl (flashlight). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability in the Upstream kernel video driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability in the Android system (bluetooth). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a user-space pointer is directly accessed in a camera driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qcacld pktlog allows mapping memory via /proc/ath_pktlog/cld to user space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the boot image header, range checks can be bypassed by supplying. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc fails to allocate memory for pointers resp/req in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds may occur in the camera driver in the kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
An elevation of privilege vulnerability in the Upstream kernel kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability in the MediaTek ccci. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
An elevation of privilege vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST cfg80211. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A denial of service vulnerability in the Android framework (syncstorageengine). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer over-read is possible in camera driver function msm_isp_stop_stats_stream. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wlan_hdd_cfg80211_set_pmksa when user space. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
An information disclosure vulnerability in the Android media framework (libstagefright). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
An information disclosure vulnerability in the Android media framework (libeffects). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the ISP Camera driver, the contents of an arbitrary kernel address can be leaked to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Another vulnerability in the Android media framework (n/a). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Another vulnerability in the Android media framework (n/a). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Another vulnerability in the Android media framework (n/a). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A denial of service vulnerability in the Android media framework (libhevc). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the function audio_effects_shared_ioctl(), memory corruption. Rated high severity (CVSS 7.0).
A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commands, aka Debug Shell Command Injection. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site Scripting (XSS) in core/M_Controller.php via the DR_URI field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.