NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2024年9月29日5:13

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
244401	7.8	HIGH ローカル	google	android	The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application,…	CWE-264 認可・権限・アクセス制御	CVE-2014-9879	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244402	7.8	HIGH ローカル	google	android	drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attac…	CWE-264 認可・権限・アクセス制御	CVE-2014-9880	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244403	7.8	HIGH ローカル	google	android	drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or ca…	CWE-264 認可・権限・アクセス制御	CVE-2014-9881	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244404	7.8	HIGH ローカル	google	android	Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, ak…	CWE-119 バッファエラー	CVE-2014-9882	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244405	7.8	HIGH ローカル	google	android	Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive inform…	CWE-191 整数アンダーフロー	CVE-2014-9883	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244406	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain pointers, which allows attackers to gain privileges via a craf…	CWE-20 不適切な入力確認	CVE-2014-9884	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244407	7.8	HIGH ローカル	google	android	Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices allows attackers to gain privileges via a crafted application t…	CWE-264 認可・権限・アクセス制御	CVE-2014-9885	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244408	7.8	HIGH ローカル	google	android	arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …	CWE-20 不適切な入力確認	CVE-2014-9886	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244409	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain length values, which allows attackers to gain privileges via a…	CWE-264 認可・権限・アクセス制御	CVE-2014-9887	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244410	7.8	HIGH ローカル	linux	linux_kernel	arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might…	CWE-264 認可・権限・アクセス制御	CVE-2014-9888	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244411	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gai…	CWE-20 不適切な入力確認	CVE-2014-9889	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244412	7.8	HIGH ローカル	google	android	Off-by-one error in drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileg…	CWE-264 認可・権限・アクセス制御	CVE-2014-9890	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244413	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted a…	CWE-264 認可・権限・アクセス制御	CVE-2014-9891	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244414	5.5	MEDIUM ローカル	google linux	android linux_kernel	The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a ti…	CWE-200 情報漏えい	CVE-2014-9892	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244415	5.5	MEDIUM ローカル	google	android	drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not properly determine the size of Gamut LUT data, which allows attackers to obtai…	CWE-200 情報漏えい	CVE-2014-9893	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244416	5.5	MEDIUM ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not ensure that certain name strings end in a '\0' character, which allows attackers to o…	CWE-200 情報漏えい	CVE-2014-9894	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244417	5.5	MEDIUM ローカル	google linux	android linux_kernel	drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows …	CWE-200 情報漏えい	CVE-2014-9895	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244418	5.5	MEDIUM ローカル	google	android	drivers/char/adsprpc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate parameters and return values, which allows attackers to obtai…	CWE-200 情報漏えい	CVE-2014-9896	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244419	5.5	MEDIUM ローカル	google	android	sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain user-space data, which allows attackers to obtain sensitive…	CWE-200 情報漏えい	CVE-2014-9897	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244420	5.5	MEDIUM ローカル	google	android	arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …	CWE-200 情報漏えい	CVE-2014-9898	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244421	5.5	MEDIUM ローカル	google	android	drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices omits certain minimum calculations before copying data, which allows attackers to obtain sensit…	CWE-200 情報漏えい	CVE-2014-9899	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244422	5.5	MEDIUM ローカル	google linux	android linux_kernel	The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure,…	CWE-200 情報漏えい	CVE-2014-9900	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244423	7.5	HIGH ネットワーク	google	android	The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via…	CWE-284 不適切なアクセス制御	CVE-2014-9901	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244424	9.8	CRITICAL ネットワーク	google	android	Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a c…	CWE-119 バッファエラー	CVE-2014-9902	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244425	5.5	MEDIUM ローカル	linux	linux_kernel	The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memo…	CWE-200 情報漏えい	CVE-2014-9903	2016-11-29 04:15	2016-06-27	表示	GitHub Exploit DB Packet Storm

244426	9.8	CRITICAL ネットワーク	debian dbd-mysql_project	debian_linux dbd-mysql	Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connectio…	CWE-416 解放済みメモリの使用	CVE-2014-9906	2016-11-29 04:15	2016-08-20	表示	GitHub Exploit DB Packet Storm

244427	4.3	MEDIUM	typo3	typo3	The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only …	CWE-59 リンク解釈の問題	CVE-2014-9508	2016-11-29 04:14	2015-01-5	表示	GitHub Exploit DB Packet Storm

244428	4.3	MEDIUM	libmspack_project	libmspack	The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attacke…	NVD-CWE-Other	CVE-2014-9732	2016-11-29 04:14	2015-06-11	表示	GitHub Exploit DB Packet Storm

244429	4.3	MEDIUM	libmspack_project	libmspack	CWE-476: NULL Pointer Dereference https://cwe.mitre.org/data/definitions/476.html	NVD-CWE-Other	CVE-2014-9732	2016-11-29 04:14	2015-06-11	表示	GitHub Exploit DB Packet Storm

244430	7.5	HIGH	themepunch	showbiz_pro slider_revolution	The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX function…	CWE-264 認可・権限・アクセス制御	CVE-2014-9735	2016-11-29 04:14	2015-06-30	表示	GitHub Exploit DB Packet Storm

244431	7.8	HIGH ローカル	google	android	The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number …	CWE-119 バッファエラー	CVE-2014-9777	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244432	7.8	HIGH ローカル	google	android	The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the numb…	CWE-119 バッファエラー	CVE-2014-9778	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244433	7.8	HIGH ローカル	google	android	arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted …	CWE-264 認可・権限・アクセス制御	CVE-2014-9779	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244434	7.8	HIGH ローカル	google	android	drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain pri…	CWE-264 認可・権限・アクセス制御	CVE-2014-9780	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244435	7.8	HIGH ローカル	google	android	Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android …	CWE-119 バッファエラー	CVE-2014-9781	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244436	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate direction and step parame…	CWE-264 認可・権限・アクセス制御	CVE-2014-9782	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244437	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to…	CWE-264 認可・権限・アクセス制御	CVE-2014-9783	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244438	7.8	HIGH ローカル	google	android	Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted …	CWE-119 バッファエラー	CVE-2014-9784	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244439	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate addresses before copying data, which allows attackers to gain privileges via…	CWE-264 認可・権限・アクセス制御	CVE-2014-9785	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244440	7.8	HIGH ローカル	google	android	Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attack…	CWE-119 バッファエラー	CVE-2014-9786	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244441	7.8	HIGH ローカル	google	android	Integer overflow in drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android…	CWE-189 数値処理の問題	CVE-2014-9787	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244442	7.8	HIGH ローカル	google	android	Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android int…	CWE-119 バッファエラー	CVE-2014-9788	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244443	7.8	HIGH ローカル	google	android	drivers/mmc/core/debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate pointers used in read and write operations, which allows attackers…	CWE-264 認可・権限・アクセス制御	CVE-2014-9790	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244444	7.8	HIGH ローカル	google	android	arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices uses an incorrect integer data type, which allows attackers to gain privileges via a crafted …	CWE-189 数値処理の問題	CVE-2014-9792	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244445	7.8	HIGH ローカル	google	android	platform/msm_shared/mmc.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles the power-on write-protect feature, which allows attackers to gain privileges vi…	CWE-254 セキュリティ機能	CVE-2014-9793	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244446	7.8	HIGH ローカル	google	android	app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrict…	CWE-189 数値処理の問題	CVE-2014-9795	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244447	7.8	HIGH ローカル	google	android	app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the page size in the kernel header, which allows attackers to bypass intend…	CWE-264 認可・権限・アクセス制御	CVE-2014-9796	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244448	7.8	HIGH ローカル	google	android	The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a…	CWE-264 認可・権限・アクセス制御	CVE-2014-9799	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244449	4.3	MEDIUM	nlnetlabs canonical debian	unbound ubuntu_linux debian_linux	iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite numbe…	CWE-399 リソース管理の問題	CVE-2014-8602	2016-11-29 04:13	2014-12-11	表示	GitHub Exploit DB Packet Storm

244450	9.3	HIGH	eaton	proview	Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for rem…	CWE-254 セキュリティ機能	CVE-2014-9196	2016-11-29 04:13	2015-07-20	表示	GitHub Exploit DB Packet Storm