NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2024年10月6日12:02

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
244901	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate ioctl calls, which allows attackers to gain privileges via a crafted a…	CWE-20 不適切な入力確認	CVE-2014-9864	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244902	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges v…	CWE-284 不適切なアクセス制御	CVE-2014-9865	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244903	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows…	CWE-20 不適切な入力確認	CVE-2014-9866	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244904	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate the number of streams, which allo…	CWE-264 認可・権限・アクセス制御	CVE-2014-9867	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244905	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via an appl…	CWE-264 認可・権限・アクセス制御	CVE-2014-9868	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244906	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain index values, which all…	CWE-264 認可・権限・アクセス制御	CVE-2014-9869	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244907	7.8	HIGH ローカル	google linux	android linux_kernel	The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allow…	CWE-264 認可・権限・アクセス制御	CVE-2014-9870	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244908	7.8	HIGH ローカル	google	android	Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allow attackers to gain pr…	CWE-119 バッファエラー	CVE-2014-9871	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244909	7.8	HIGH ローカル	google	android	The diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not ensure unique identifiers in a DCI client table, which allows attackers to gain privileges via a cr…	CWE-20 不適切な入力確認	CVE-2014-9872	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244910	7.8	HIGH ローカル	google	android	Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive infor…	CWE-264 認可・権限・アクセス制御	CVE-2014-9873	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244911	7.8	HIGH ローカル	google	android	Buffer overflow in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, related to arch/arm/mac…	CWE-119 バッファエラー	CVE-2014-9874	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244912	7.8	HIGH ローカル	google	android	drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application that sends short DCI reque…	CWE-264 認可・権限・アクセス制御	CVE-2014-9875	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244913	7.8	HIGH ローカル	google	android	drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices mishandles certain integer values, which allows attackers to gain privi…	CWE-189 数値処理の問題	CVE-2014-9876	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244914	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices mishandles a user-space pointer, which allo…	CWE-19 データ処理	CVE-2014-9877	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244915	7.8	HIGH ローカル	google	android	drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges v…	CWE-264 認可・権限・アクセス制御	CVE-2014-9878	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244916	7.8	HIGH ローカル	google	android	The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application,…	CWE-264 認可・権限・アクセス制御	CVE-2014-9879	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244917	7.8	HIGH ローカル	google	android	drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attac…	CWE-264 認可・権限・アクセス制御	CVE-2014-9880	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244918	7.8	HIGH ローカル	google	android	drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or ca…	CWE-264 認可・権限・アクセス制御	CVE-2014-9881	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244919	7.8	HIGH ローカル	google	android	Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, ak…	CWE-119 バッファエラー	CVE-2014-9882	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244920	7.8	HIGH ローカル	google	android	Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive inform…	CWE-191 整数アンダーフロー	CVE-2014-9883	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244921	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain pointers, which allows attackers to gain privileges via a craf…	CWE-20 不適切な入力確認	CVE-2014-9884	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244922	7.8	HIGH ローカル	google	android	Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices allows attackers to gain privileges via a crafted application t…	CWE-264 認可・権限・アクセス制御	CVE-2014-9885	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244923	7.8	HIGH ローカル	google	android	arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …	CWE-20 不適切な入力確認	CVE-2014-9886	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244924	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain length values, which allows attackers to gain privileges via a…	CWE-264 認可・権限・アクセス制御	CVE-2014-9887	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244925	7.8	HIGH ローカル	linux	linux_kernel	arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might…	CWE-264 認可・権限・アクセス制御	CVE-2014-9888	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244926	7.8	HIGH ローカル	google	android	drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gai…	CWE-20 不適切な入力確認	CVE-2014-9889	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244927	7.8	HIGH ローカル	google	android	Off-by-one error in drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileg…	CWE-264 認可・権限・アクセス制御	CVE-2014-9890	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244928	7.8	HIGH ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted a…	CWE-264 認可・権限・アクセス制御	CVE-2014-9891	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244929	5.5	MEDIUM ローカル	google linux	android linux_kernel	The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a ti…	CWE-200 情報漏えい	CVE-2014-9892	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244930	5.5	MEDIUM ローカル	google	android	drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not properly determine the size of Gamut LUT data, which allows attackers to obtai…	CWE-200 情報漏えい	CVE-2014-9893	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244931	5.5	MEDIUM ローカル	google	android	drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not ensure that certain name strings end in a '\0' character, which allows attackers to o…	CWE-200 情報漏えい	CVE-2014-9894	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244932	5.5	MEDIUM ローカル	google linux	android linux_kernel	drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows …	CWE-200 情報漏えい	CVE-2014-9895	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244933	5.5	MEDIUM ローカル	google	android	drivers/char/adsprpc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate parameters and return values, which allows attackers to obtai…	CWE-200 情報漏えい	CVE-2014-9896	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244934	5.5	MEDIUM ローカル	google	android	sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain user-space data, which allows attackers to obtain sensitive…	CWE-200 情報漏えい	CVE-2014-9897	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244935	5.5	MEDIUM ローカル	google	android	arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers …	CWE-200 情報漏えい	CVE-2014-9898	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244936	5.5	MEDIUM ローカル	google	android	drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices omits certain minimum calculations before copying data, which allows attackers to obtain sensit…	CWE-200 情報漏えい	CVE-2014-9899	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244937	5.5	MEDIUM ローカル	google linux	android linux_kernel	The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure,…	CWE-200 情報漏えい	CVE-2014-9900	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244938	7.5	HIGH ネットワーク	google	android	The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service (device hang or reboot) via…	CWE-284 不適切なアクセス制御	CVE-2014-9901	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244939	9.8	CRITICAL ネットワーク	google	android	Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 (2013) devices allows remote attackers to execute arbitrary code via a c…	CWE-119 バッファエラー	CVE-2014-9902	2016-11-29 04:15	2016-08-6	表示	GitHub Exploit DB Packet Storm

244940	5.5	MEDIUM ローカル	linux	linux_kernel	The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memo…	CWE-200 情報漏えい	CVE-2014-9903	2016-11-29 04:15	2016-06-27	表示	GitHub Exploit DB Packet Storm

244941	9.8	CRITICAL ネットワーク	debian dbd-mysql_project	debian_linux dbd-mysql	Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connectio…	CWE-416 解放済みメモリの使用	CVE-2014-9906	2016-11-29 04:15	2016-08-20	表示	GitHub Exploit DB Packet Storm

244942	4.3	MEDIUM	typo3	typo3	The frontend rendering component in TYPO3 4.5.x before 4.5.39, 4.6.x through 6.2.x before 6.2.9, and 7.x before 7.0.2, when config.prefixLocalAnchors is set and using a homepage with links that only …	CWE-59 リンク解釈の問題	CVE-2014-9508	2016-11-29 04:14	2015-01-5	表示	GitHub Exploit DB Packet Storm

244943	4.3	MEDIUM	libmspack_project	libmspack	The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attacke…	NVD-CWE-Other	CVE-2014-9732	2016-11-29 04:14	2015-06-11	表示	GitHub Exploit DB Packet Storm

244944	4.3	MEDIUM	libmspack_project	libmspack	CWE-476: NULL Pointer Dereference https://cwe.mitre.org/data/definitions/476.html	NVD-CWE-Other	CVE-2014-9732	2016-11-29 04:14	2015-06-11	表示	GitHub Exploit DB Packet Storm

244945	7.5	HIGH	themepunch	showbiz_pro slider_revolution	The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX function…	CWE-264 認可・権限・アクセス制御	CVE-2014-9735	2016-11-29 04:14	2015-06-30	表示	GitHub Exploit DB Packet Storm

244946	7.8	HIGH ローカル	google	android	The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number …	CWE-119 バッファエラー	CVE-2014-9777	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244947	7.8	HIGH ローカル	google	android	The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the numb…	CWE-119 バッファエラー	CVE-2014-9778	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244948	7.8	HIGH ローカル	google	android	arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted …	CWE-264 認可・権限・アクセス制御	CVE-2014-9779	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244949	7.8	HIGH ローカル	google	android	drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain pri…	CWE-264 認可・権限・アクセス制御	CVE-2014-9780	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm

244950	7.8	HIGH ローカル	google	android	Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android …	CWE-119 バッファエラー	CVE-2014-9781	2016-11-29 04:14	2016-07-11	表示	GitHub Exploit DB Packet Storm