Export limit exceeded: 343831 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343831 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9109 | 1 Qualcomm | 18 Mdm9625, Mdm9625 Firmware, Sd 425 and 15 more | 2024-11-21 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation inqsee_fuse_write could lead to untrusted pointer dereference. | ||||
| CVE-2015-9108 | 1 Qualcomm | 18 Mdm9625, Mdm9625 Firmware, Sd 425 and 15 more | 2024-11-21 | N/A |
| In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NULL Pointer exception when calling a downstream function. | ||||
| CVE-2015-9016 | 1 Google | 1 Android | 2024-11-21 | N/A |
| In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046. | ||||
| CVE-2015-9015 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714120. | ||||
| CVE-2015-9014 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393750. | ||||
| CVE-2015-9013 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393251. | ||||
| CVE-2015-9012 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384691. | ||||
| CVE-2015-9011 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714882. | ||||
| CVE-2015-9010 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393101. | ||||
| CVE-2015-9009 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600. | ||||
| CVE-2015-9008 | 1 Google | 1 Android | 2024-11-21 | N/A |
| An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384689. | ||||
| CVE-2015-8980 | 4 Fedoraproject, Opensuse, Php-gettext Project and 1 more | 4 Fedora, Leap, Php-gettext and 1 more | 2024-11-21 | 9.8 Critical |
| The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. | ||||
| CVE-2015-8851 | 2 Node-uuid Project, Redhat | 2 Node-uuid, Openshift | 2024-11-21 | 7.5 High |
| node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing. | ||||
| CVE-2015-8751 | 1 Jasper Project | 1 Jasper | 2024-11-21 | 8.8 High |
| Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation. | ||||
| CVE-2015-8549 | 1 Pyamf | 1 Pyamf | 2024-11-21 | 7.1 High |
| XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format (AMF) payload. | ||||
| CVE-2015-8546 | 2 Google, Samsung | 5 Android, Galaxy Note5, Galaxy S6 and 2 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fake base station. The Samsung ID is SVE-2015-5123 (December 2015). | ||||
| CVE-2015-8536 | 1 Lenovo | 1 Solution Center | 2024-11-21 | 8.8 High |
| MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow cross-site request forgery. | ||||
| CVE-2015-8535 | 1 Lenovo | 1 Solution Center | 2024-11-21 | 7.8 High |
| MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A directory traversal vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow a user to execute arbitrary code with elevated privileges. | ||||
| CVE-2015-8534 | 1 Lenovo | 1 Solution Center | 2024-11-21 | 7.8 High |
| MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow a user to execute arbitrary code with elevated privileges. | ||||
| CVE-2015-8371 | 1 Getcomposer | 1 Composer | 2024-11-21 | 8.8 High |
| Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The issue occurs because of the way that dist packages are cached. The cache key is derived from the package name, the dist type, and certain other data from the package repository (which may simply be a commit hash, and thus can be found by an attacker). Versions through 1.0.0-alpha11 are affected, and 1.0.0 is unaffected. | ||||