Search Results (26272 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-0634 1 Linux 1 Linux Kernel 2025-04-20 N/A
An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32511682.
CVE-2017-7592 1 Libtiff 1 Libtiff 2025-04-20 N/A
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2016-5759 2 Novell, Opensuse 3 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Leap 2025-04-20 N/A
The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.
CVE-2015-7544 1 Redhat 2 Enterprise Virtualization Manager, Rhev Manager 2025-04-20 N/A
redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before 3.6 allows remote authenticated users with the SuperUser role on any Entity to execute arbitrary commands on any host in the RHEV environment.
CVE-2017-6516 1 Magnicomp 1 Sysinfo 2025-04-20 N/A
A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments.
CVE-2016-10228 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2025-04-20 N/A
The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.
CVE-2016-0726 1 Nagios 1 Nagios 2025-04-20 N/A
The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials.
CVE-2016-8722 1 Moxa 2 Awk-3131a, Awk-3131a Firmware 2025-04-20 5.3 Medium
An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without authentication can reveal sensitive information to an attacker.
CVE-2016-2987 1 Ibm 6 Rational Doors Next Generation, Rational Engineering Lifecycle Manager, Rational Quality Manager and 3 more 2025-04-20 N/A
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker.
CVE-2016-8773 1 Huawei 16 S12700, S12700 Firmware, S5300 and 13 more 2025-04-20 N/A
Huawei S5300 with software V200R003C00, V200R007C00, V200R008C00, V200R009C00; S5700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C03, V200R007C00, V200R008C00, V200R009C00; S6300 with software V200R003C00, V200R005C00, V200R008C00, V200R009C00; S6700 with software V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R008C00, V200R009C00; S7700 with software V200R007C00, V200R008C00, V200R009C00; S9300 with software V200R007C00, V200R008C00, V200R009C00; S9700 with software V200R007C00, V200R008C00, V200R009C00; and S12700 with software V200R007C00, V200R007C01, V200R008C00, V200R009C00 allow the attacker to cause a denial of service condition by sending malformed MPLS packets.
CVE-2017-0641 1 Google 1 Android 2025-04-20 N/A
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.
CVE-2016-10337 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.
CVE-2016-10338 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing.
CVE-2016-7821 1 Buffalotech 2 Wnc01wh, Wnc01wh Firmware 2025-04-20 N/A
Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause a denial of service against the management screen via unspecified vectors.
CVE-2016-10339 1 Google 1 Android 2025-04-20 N/A
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
CVE-2017-8269 1 Google 1 Android 2025-04-20 N/A
Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory.
CVE-2016-8885 2 Jasper Project, Redhat 2 Jasper, Enterprise Linux 2025-04-20 N/A
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.
CVE-2017-0425 1 Google 1 Android 2025-04-20 N/A
An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32720785.
CVE-2017-0426 1 Google 1 Android 2025-04-20 N/A
An information disclosure vulnerability in the Filesystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-32799236.
CVE-2017-0694 1 Google 1 Android 2025-04-20 N/A
A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37093318.