244401
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application,…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9879
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244402
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attac…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9880
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244403
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or ca…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9881
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244404
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, ak…
|
CWE-119
バッファエラー
|
CVE-2014-9882
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244405
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive inform…
|
CWE-191
整数アンダーフロー
|
CVE-2014-9883
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244406
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain pointers, which allows attackers to gain privileges via a craf…
|
CWE-20
不適切な入力確認
|
CVE-2014-9884
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244407
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices allows attackers to gain privileges via a crafted application t…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9885
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244408
|
7.8 |
HIGH
ローカル
|
google
|
android
|
arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …
|
CWE-20
不適切な入力確認
|
CVE-2014-9886
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244409
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain length values, which allows attackers to gain privileges via a…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9887
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244410
|
7.8 |
HIGH
ローカル
|
linux
|
linux_kernel
|
arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9888
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244411
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gai…
|
CWE-20
不適切な入力確認
|
CVE-2014-9889
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244412
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Off-by-one error in drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileg…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9890
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244413
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted a…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9891
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244414
|
5.5 |
MEDIUM
ローカル
|
google linux
|
android linux_kernel
|
The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a ti…
|
CWE-200
情報漏えい
|
CVE-2014-9892
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244415
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not properly determine the size of Gamut LUT data, which allows attackers to obtai…
|
CWE-200
情報漏えい
|
CVE-2014-9893
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244416
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not ensure that certain name strings end in a '\0' character, which allows attackers to o…
|
CWE-200
情報漏えい
|
CVE-2014-9894
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244417
|
5.5 |
MEDIUM
ローカル
|
google linux
|
android linux_kernel
|
drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows …
|
CWE-200
情報漏えい
|
CVE-2014-9895
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244418
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/char/adsprpc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate parameters and return values, which allows attackers to obtai…
|
CWE-200
情報漏えい
|
CVE-2014-9896
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244419
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain user-space data, which allows attackers to obtain sensitive…
|
CWE-200
情報漏えい
|
CVE-2014-9897
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244420
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …
|
CWE-200
情報漏えい
|
CVE-2014-9898
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244421
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices omits certain minimum calculations before copying data, which allows attackers to obtain sensit…
|
CWE-200
情報漏えい
|
CVE-2014-9899
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244422
|
5.5 |
MEDIUM
ローカル
|
google linux
|
android linux_kernel
|
The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure,…
|
CWE-200
情報漏えい
|
CVE-2014-9900
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244423
|
7.5 |
HIGH
ネットワーク
google
|
android
|
The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via…
|
CWE-284
不適切なアクセス制御
|
CVE-2014-9901
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
244424
|
9.8 |
CRITICAL
ネットワーク
google
|
android
|
Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a c…
|
CWE-119
バッファエラー
|
CVE-2014-9902
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
244425
|
5.5 |
MEDIUM
ローカル
|
linux
|
linux_kernel
|
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memo…
|
CWE-200
情報漏えい
|
CVE-2014-9903
|
2016-11-29 04:15 |
2016-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244426
|
9.8 |
CRITICAL
ネットワーク
debian dbd-mysql_project
|
debian_linux dbd-mysql
|
Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connectio…
|
CWE-416
解放済みメモリの使用
|
CVE-2014-9906
|
2016-11-29 04:15 |
2016-08-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
244427
|
4.3 |
MEDIUM
|
typo3
|
typo3
|
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only …
|
CWE-59
リンク解釈の問題
|
CVE-2014-9508
|
2016-11-29 04:14 |
2015-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244428
|
4.3 |
MEDIUM
|
libmspack_project
|
libmspack
|
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attacke…
|
NVD-CWE-Other
|
CVE-2014-9732
|
2016-11-29 04:14 |
2015-06-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244429
|
4.3 |
MEDIUM
|
libmspack_project
|
libmspack
|
CWE-476: NULL Pointer Dereference
https://cwe.mitre.org/data/definitions/476.html
|
NVD-CWE-Other
|
CVE-2014-9732
|
2016-11-29 04:14 |
2015-06-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244430
|
7.5 |
HIGH
|
themepunch
|
showbiz_pro slider_revolution
|
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX function…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9735
|
2016-11-29 04:14 |
2015-06-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244431
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number …
|
CWE-119
バッファエラー
|
CVE-2014-9777
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244432
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the numb…
|
CWE-119
バッファエラー
|
CVE-2014-9778
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244433
|
7.8 |
HIGH
ローカル
|
google
|
android
|
arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted …
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9779
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244434
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain pri…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9780
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244435
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android …
|
CWE-119
バッファエラー
|
CVE-2014-9781
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244436
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate direction and step parame…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9782
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244437
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9783
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244438
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted …
|
CWE-119
バッファエラー
|
CVE-2014-9784
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244439
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate addresses before copying data, which allows attackers to gain privileges via…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9785
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244440
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attack…
|
CWE-119
バッファエラー
|
CVE-2014-9786
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244441
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Integer overflow in drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android…
|
CWE-189
数値処理の問題
|
CVE-2014-9787
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244442
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android int…
|
CWE-119
バッファエラー
|
CVE-2014-9788
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244443
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/mmc/core/debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate pointers used in read and write operations, which allows attackers…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9790
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244444
|
7.8 |
HIGH
ローカル
|
google
|
android
|
arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices uses an incorrect integer data type, which allows attackers to gain privileges via a crafted …
|
CWE-189
数値処理の問題
|
CVE-2014-9792
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244445
|
7.8 |
HIGH
ローカル
|
google
|
android
|
platform/msm_shared/mmc.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles the power-on write-protect feature, which allows attackers to gain privileges vi…
|
CWE-254
セキュリティ機能
|
CVE-2014-9793
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244446
|
7.8 |
HIGH
ローカル
|
google
|
android
|
app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrict…
|
CWE-189
数値処理の問題
|
CVE-2014-9795
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244447
|
7.8 |
HIGH
ローカル
|
google
|
android
|
app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the page size in the kernel header, which allows attackers to bypass intend…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9796
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244448
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9799
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244449
|
4.3 |
MEDIUM
|
nlnetlabs canonical debian
|
unbound ubuntu_linux debian_linux
|
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite numbe…
|
CWE-399
リソース管理の問題
|
CVE-2014-8602
|
2016-11-29 04:13 |
2014-12-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244450
|
9.3 |
HIGH
|
eaton
|
proview
|
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for rem…
|
CWE-254
セキュリティ機能
|
CVE-2014-9196
|
2016-11-29 04:13 |
2015-07-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|