244901
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate ioctl calls, which allows attackers to gain privileges via a crafted a…
|
CWE-20
不適切な入力確認
|
CVE-2014-9864
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244902
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges v…
|
CWE-284
不適切なアクセス制御
|
CVE-2014-9865
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244903
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows…
|
CWE-20
不適切な入力確認
|
CVE-2014-9866
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244904
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate the number of streams, which allo…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9867
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244905
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via an appl…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9868
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244906
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain index values, which all…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9869
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244907
|
7.8 |
HIGH
ローカル
|
google linux
|
android linux_kernel
|
The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allow…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9870
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244908
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allow attackers to gain pr…
|
CWE-119
バッファエラー
|
CVE-2014-9871
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244909
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not ensure unique identifiers in a DCI client table, which allows attackers to gain privileges via a cr…
|
CWE-20
不適切な入力確認
|
CVE-2014-9872
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244910
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive infor…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9873
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244911
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Buffer overflow in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, related to arch/arm/mac…
|
CWE-119
バッファエラー
|
CVE-2014-9874
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244912
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application that sends short DCI reque…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9875
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244913
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices mishandles certain integer values, which allows attackers to gain privi…
|
CWE-189
数値処理の問題
|
CVE-2014-9876
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244914
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices mishandles a user-space pointer, which allo…
|
CWE-19
データ処理
|
CVE-2014-9877
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244915
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges v…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9878
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244916
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application,…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9879
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244917
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attac…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9880
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244918
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or ca…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9881
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244919
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, ak…
|
CWE-119
バッファエラー
|
CVE-2014-9882
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244920
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive inform…
|
CWE-191
整数アンダーフロー
|
CVE-2014-9883
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244921
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain pointers, which allows attackers to gain privileges via a craf…
|
CWE-20
不適切な入力確認
|
CVE-2014-9884
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244922
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices allows attackers to gain privileges via a crafted application t…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9885
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244923
|
7.8 |
HIGH
ローカル
|
google
|
android
|
arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …
|
CWE-20
不適切な入力確認
|
CVE-2014-9886
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244924
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain length values, which allows attackers to gain privileges via a…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9887
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244925
|
7.8 |
HIGH
ローカル
|
linux
|
linux_kernel
|
arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9888
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244926
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gai…
|
CWE-20
不適切な入力確認
|
CVE-2014-9889
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244927
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Off-by-one error in drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileg…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9890
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244928
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted a…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9891
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244929
|
5.5 |
MEDIUM
ローカル
|
google linux
|
android linux_kernel
|
The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a ti…
|
CWE-200
情報漏えい
|
CVE-2014-9892
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244930
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not properly determine the size of Gamut LUT data, which allows attackers to obtai…
|
CWE-200
情報漏えい
|
CVE-2014-9893
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244931
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not ensure that certain name strings end in a '\0' character, which allows attackers to o…
|
CWE-200
情報漏えい
|
CVE-2014-9894
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244932
|
5.5 |
MEDIUM
ローカル
|
google linux
|
android linux_kernel
|
drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows …
|
CWE-200
情報漏えい
|
CVE-2014-9895
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244933
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/char/adsprpc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate parameters and return values, which allows attackers to obtai…
|
CWE-200
情報漏えい
|
CVE-2014-9896
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244934
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain user-space data, which allows attackers to obtain sensitive…
|
CWE-200
情報漏えい
|
CVE-2014-9897
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244935
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …
|
CWE-200
情報漏えい
|
CVE-2014-9898
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244936
|
5.5 |
MEDIUM
ローカル
|
google
|
android
|
drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices omits certain minimum calculations before copying data, which allows attackers to obtain sensit…
|
CWE-200
情報漏えい
|
CVE-2014-9899
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244937
|
5.5 |
MEDIUM
ローカル
|
google linux
|
android linux_kernel
|
The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure,…
|
CWE-200
情報漏えい
|
CVE-2014-9900
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244938
|
7.5 |
HIGH
ネットワーク
google
|
android
|
The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via…
|
CWE-284
不適切なアクセス制御
|
CVE-2014-9901
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
244939
|
9.8 |
CRITICAL
ネットワーク
google
|
android
|
Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a c…
|
CWE-119
バッファエラー
|
CVE-2014-9902
|
2016-11-29 04:15 |
2016-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
244940
|
5.5 |
MEDIUM
ローカル
|
linux
|
linux_kernel
|
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memo…
|
CWE-200
情報漏えい
|
CVE-2014-9903
|
2016-11-29 04:15 |
2016-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244941
|
9.8 |
CRITICAL
ネットワーク
debian dbd-mysql_project
|
debian_linux dbd-mysql
|
Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connectio…
|
CWE-416
解放済みメモリの使用
|
CVE-2014-9906
|
2016-11-29 04:15 |
2016-08-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
244942
|
4.3 |
MEDIUM
|
typo3
|
typo3
|
The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only …
|
CWE-59
リンク解釈の問題
|
CVE-2014-9508
|
2016-11-29 04:14 |
2015-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244943
|
4.3 |
MEDIUM
|
libmspack_project
|
libmspack
|
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attacke…
|
NVD-CWE-Other
|
CVE-2014-9732
|
2016-11-29 04:14 |
2015-06-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244944
|
4.3 |
MEDIUM
|
libmspack_project
|
libmspack
|
CWE-476: NULL Pointer Dereference
https://cwe.mitre.org/data/definitions/476.html
|
NVD-CWE-Other
|
CVE-2014-9732
|
2016-11-29 04:14 |
2015-06-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244945
|
7.5 |
HIGH
|
themepunch
|
showbiz_pro slider_revolution
|
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX function…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9735
|
2016-11-29 04:14 |
2015-06-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244946
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number …
|
CWE-119
バッファエラー
|
CVE-2014-9777
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244947
|
7.8 |
HIGH
ローカル
|
google
|
android
|
The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the numb…
|
CWE-119
バッファエラー
|
CVE-2014-9778
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244948
|
7.8 |
HIGH
ローカル
|
google
|
android
|
arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted …
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9779
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244949
|
7.8 |
HIGH
ローカル
|
google
|
android
|
drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain pri…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2014-9780
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244950
|
7.8 |
HIGH
ローカル
|
google
|
android
|
Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android …
|
CWE-119
バッファエラー
|
CVE-2014-9781
|
2016-11-29 04:14 |
2016-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|