News aggregator

CVE-2017-15857

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2017-18070

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In wma_ndp_end_response_event_handler(), the variable len_end_rsp is a uint32 which can be overflowed if the value of variable "event->num_ndp_end_rsp_per_ndi_list" is very large which can then lead to a heap overwrite of the heap object end_rsp in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-0496

National Vulnerability Database - Tue, 06/12/2018 - 16:29
Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system.
Categories: Security News

CVE-2018-3571

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In the KGSL driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a Use After Free condition can occur when printing information about sparse memory allocations
Categories: Security News

CVE-2018-3572

National Vulnerability Database - Tue, 06/12/2018 - 16:29
While processing a DSP buffer in an audio driver's event handler, an index of a buffer is not checked before accessing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-3576

National Vulnerability Database - Tue, 06/12/2018 - 16:29
improper validation of array index in WiFi driver function sapInterferenceRssiCount() leads to array out-of-bounds access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-3579

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read
Categories: Security News

CVE-2018-3581

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overwrite can occur if the vdev_id received from firmware is larger than max_bssid.
Categories: Security News

CVE-2018-3582

National Vulnerability Database - Tue, 06/12/2018 - 16:29
Buffer overflow can occur due to improper input validation in multiple WMA event handler functions in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5842

National Vulnerability Database - Tue, 06/12/2018 - 16:29
An arbitrary address write can occur if a compromised WLAN firmware sends incorrect data to WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5843

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In the function wma_pdev_div_info_evt_handler() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, there is no upper bound check on the value event->num_chains_valid received from firmware which can lead to a buffer overwrite of the fixed size chain_rssi_result structure.
Categories: Security News

CVE-2018-5844

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In the video driver function set_output_buffers(), binfo can be accessed after being freed in a failure scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5847

National Vulnerability Database - Tue, 06/12/2018 - 16:29
Early or late retirement of rotation requests can result in a Use After Free condition in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2018-5848

National Vulnerability Database - Tue, 06/12/2018 - 16:29
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Categories: Security News

CVE-2017-18287

National Vulnerability Database - Tue, 06/12/2018 - 14:29
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the POST user_search parameter.
Categories: Security News

CVE-2017-18288

National Vulnerability Database - Tue, 06/12/2018 - 14:29
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET game parameter.
Categories: Security News

CVE-2017-18289

National Vulnerability Database - Tue, 06/12/2018 - 14:29
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET type parameter.
Categories: Security News

CVE-2017-18290

National Vulnerability Database - Tue, 06/12/2018 - 14:29
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET sort_direction parameter.
Categories: Security News

CVE-2017-18291

National Vulnerability Database - Tue, 06/12/2018 - 14:29
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the GET user parameter.
Categories: Security News

CVE-2018-12257

National Vulnerability Database - Tue, 06/12/2018 - 14:29
An issue was discovered on Momentum Axel 720P 5.1.8 devices. There is Authenticated Custom Firmware Upgrade via DNS Hijacking. An authenticated root user with CLI access is able to remotely upgrade firmware to a custom image due to lack of SSL validation by changing the nameservers in /etc/resolv.conf to the attacker's server, and serving the expected HTTPS response containing new firmware for the device to download.
Categories: Security News

Pages