Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2016-10477 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, an... | N/A | NONE | β | 0 |
| CVE-2016-10478 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 617, incorrect size calculation in QCRIL SCWS processing have Integer overflow which will lead to a buffer... | N/A | NONE | β | 0 |
| CVE-2016-10479 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9607, MDM9615, MDM9635M, MDM9640, SD 210/SD 212/SD 205, SD 400, SD 600, SD 615/16/SD 415, SD 617, SD 650/5... | N/A | NONE | β | 0 |
| CVE-2016-10480 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD ... | N/A | NONE | β | 0 |
| CVE-2016-10481 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6... | N/A | NONE | β | 0 |
| CVE-2018-1145 A remote unauthenticated user can overflow a stack buffer in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi. | N/A | NONE | β | 0 |
| CVE-2016-10482 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210... | N/A | NONE | β | 0 |
| CVE-2016-10483 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, improper input validation while processing SCM Command can l... | N/A | NONE | β | 0 |
| CVE-2016-10484 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, M... | N/A | NONE | β | 0 |
| CVE-2016-10485 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909... | N/A | NONE | β | 0 |
| CVE-2016-10486 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 450, SD 617, SD 625, SD 650/52, SD 808, ... | N/A | NONE | β | 0 |
| CVE-2018-1146 A remote unauthenticated user can enable telnet on the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to set.cgi. When enabled the telnet session requires no password and... | N/A | NONE | β | 0 |
| CVE-2016-10487 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, M... | N/A | NONE | β | 0 |
| CVE-2016-10489 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer derefe... | N/A | NONE | β | 0 |
| CVE-2016-10490 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, M... | N/A | NONE | β | 0 |
| CVE-2016-10491 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210... | N/A | NONE | β | 0 |
| CVE-2016-10492 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/S... | N/A | NONE | β | 0 |
| CVE-2018-6306 Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538. | N/A | NONE | β | 0 |
| CVE-2016-10493 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, M... | N/A | NONE | β | 0 |
| CVE-2016-10494 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MS... | N/A | NONE | β | 0 |
| CVE-2016-10495 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range. | N/A | NONE | β | 0 |
| CVE-2016-10496 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 210/SD 212/SD 205, SD 410/12, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, A... | N/A | NONE | β | 0 |
| CVE-2016-10497 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909... | N/A | NONE | β | 0 |
| CVE-2016-10498 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435,... | N/A | NONE | β | 0 |
| CVE-2016-10499 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909... | N/A | NONE | β | 0 |
| CVE-2016-10501 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9635M, MDM9655, MSM8909W, SD 210/SD 212/SD... | N/A | NONE | β | 0 |
| CVE-2018-10199 In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to exe... | N/A | NONE | β | 0 |
| CVE-2018-6413 There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interrup... | N/A | NONE | β | 0 |
| CVE-2016-2169 Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. An application developer may create an application with a rou... | N/A | NONE | β | 0 |
| CVE-2016-8220 Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability. The application inadvertently exposed WAN replication credentials ... | N/A | NONE | β | 0 |
| CVE-2017-16071 nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | N/A | NONE | β | 0 |
| CVE-2018-1088 A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by s... | 8.1 | HIGH | β | 0 |
| CVE-2018-1240 Dell EMC ViPR Controller, versions after 3.0.0.38, contain an information exposure vulnerability in the VRRP. VRRP defaults to an insecure configuration in Linux's keepalived component which sends the... | N/A | NONE | β | 0 |
| CVE-2018-8831 A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist. | N/A | NONE | β | 0 |
| CVE-2018-1000158 cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of send_recovery_email in the line "$url = $config['admin_url'] . '/login.php?recoverme=' . $code;" that c... | N/A | NONE | β | 0 |
| CVE-2018-1000159 tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233 contains a CWE-354: Improper Validation of Integrity Check Value vulnerability in TLS implementation, tlslit... | N/A | NONE | β | 0 |
| CVE-2018-1000160 RisingStack protect version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in isXss() function in lib/rules/xss.js that can result in dangerous XSS strings being validated as sa... | N/A | NONE | β | 0 |
| CVE-2018-1000161 nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is runni... | N/A | NONE | β | 0 |
| CVE-2018-1000162 Parsedown version prior to 1.7.0 contains a Cross Site Scripting (XSS) vulnerability in `setMarkupEscaped` for escaping HTML that can result in JavaScript code execution. This attack appears to be exp... | N/A | NONE | β | 0 |
| CVE-2018-1000163 Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page. This attack appears to be exploita... | N/A | NONE | β | 0 |
| CVE-2018-1000164 gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attac... | N/A | NONE | β | 0 |
| CVE-2018-1000165 LightSAML version prior to 1.3.5 contains a Incorrect Access Control vulnerability in signature validation in readers in src/LightSaml/Model/XmlDSig/ that can result in impersonation of any user from ... | N/A | NONE | β | 0 |
| CVE-2018-1000167 OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 a... | N/A | NONE | β | 0 |
| CVE-2017-16072 nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | N/A | NONE | β | 0 |
| CVE-2018-1325 In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display. | N/A | NONE | β | 0 |
| CVE-2018-7240 A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of t... | N/A | NONE | β | 0 |
| CVE-2018-7241 Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. | N/A | NONE | β | 0 |
| CVE-2018-7242 Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to... | N/A | NONE | β | 0 |
| CVE-2018-7758 A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated c... | N/A | NONE | β | 0 |
| CVE-2018-7243 An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. The integrated web server (Port 80/443/TCP) of the a... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.