映射到 CWE-119,CWE-120 的搜索结果 (8387)

CVE-2017-3196(发布:2017-12-15 21:29:10)NMS
CVSS7.2

[原文]PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. Local attackers can exploit this issue to execute arbitrary code with SYSTEM privileges.

CVE-2017-6211(发布:2017-12-05 14:29:00)NMS
CVSS10.0

[原文]In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of a downlink supplementary services message, a buffer overflow can occur.

CVE-2017-9722(发布:2017-12-05 12:29:01)NM
CVSS4.6

[原文]In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when updating custom EDID (hdmi_tx_sysfs_wta_edid), if edid_size, which is controlled by userspace, is too large, a buffer overflow occurs.

CVE-2017-9710(发布:2017-12-05 12:29:01)NM
CVSS4.6

[原文]In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, IOCTL interface to send QMI NOTIFY REQ messages can be called from multiple contexts which can result in buffer overflow of msg cache.

CVE-2017-9700(发布:2017-12-05 12:29:01)NM
CVSS4.6

[原文]In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer overwrite is possible in fw_name_store if image name is 64 characters.

CVE-2017-9698(发布:2017-12-05 12:29:00)NM
CVSS4.6

[原文]In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improperly specified offset/size values for a submission command could cause a math operation to overflow and could result in an access to arbitrary memory. The combined pointer will overflow and possibly pass further checks intended to avoid accessing unintended memory.

首页上一页4567891011下一页尾页 第6页 / 共1398页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站