• HOME

  • ABOUT US

  • SERVICES

  • CONTACT

  • KNOWLEDGE

  • BUY ONLINE

  • More

    CYBER SECURITY ASSESSMENTS // PENETRATION TESTING // DATA SECURITY // IT SECURITY // SECURITY AUDITS // DIGITAL FORENSICS // CYBER INTELLIGENCE

                                       2016 VULNERABILITY DATABASE

     

     

    CVE-2014-9798

    Summary: platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka Android internal bug 28821448 and Qualcomm internal bug CR681965.

    Published: 7/10/2016 9:59:19 PM

     

    CVSS Severity: v3 - 5.5 MEDIUM      v2 - 7.1 HIGH

     

    CVE-2014-9796

    Summary: app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the page size in the kernel header, which allows attackers to bypass intended access restrictions via a crafted boot image, aka Android internal bug 28820722 and Qualcomm internal bug CR684756.

    Published: 7/10/2016 9:59:18 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9795

    Summary: app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android internal bug 28820720 and Qualcomm internal bug CR681957, a related issue to CVE-2014-4325.

    Published: 7/10/2016 9:59:17 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 10.0 HIGH

     

    CVE-2014-9793

    Summary: platform/msm_shared/mmc.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles the power-on write-protect feature, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28821253 and Qualcomm internal bug CR580567.

    Published: 7/10/2016 9:59:16 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9792

    Summary: arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices uses an incorrect integer data type, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769399 and Qualcomm internal bug CR550606.

    Published: 7/10/2016 9:59:15 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9790

    Summary: drivers/mmc/core/debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate pointers used in read and write operations, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769136 and Qualcomm internal bug CR545716.

    Published: 7/10/2016 9:59:14 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9789

    Summary: The (1) alloc and (2) free APIs in arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices do not validate parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749392 and Qualcomm internal bug CR556425.

    Published: 7/10/2016 9:59:13 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9788

    Summary: Multiple buffer overflow in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR548872.

    Published: 7/10/2016 9:59:12 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9787

    Summary: Integer overflow in drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28571496 and Qualcomm internal bug CR545764.

    Published: 7/10/2016 9:59:11 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9786

    Summary: Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979.

    Published: 7/10/2016 9:59:10 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9785

    Summary: drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate addresses before copying data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28469042 and Qualcomm internal bug CR545747.

    Published: 7/10/2016 9:59:09 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9784

    Summary: Multiple buffer overflows in drivers/char/diag/diag_debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28442449 and Qualcomm internal bug CR585147.

    Published: 7/10/2016 9:59:08 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9783

    Summary: drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28441831 and Qualcomm internal bug CR511382.

    Published: 7/10/2016 9:59:07 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9782

    Summary: drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate direction and step parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28431531 and Qualcomm internal bug CR511349.

    Published: 7/10/2016 9:59:06 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9781

    Summary: Buffer overflow in drivers/video/fbcmap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28410333 and Qualcomm internal bug CR556471.

    Published: 7/10/2016 9:59:05 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9780

    Summary: drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28602014 and Qualcomm internal bug CR542222.

    Published: 7/10/2016 9:59:04 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9779

    Summary: arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted offset, aka Android internal bug 28598347 and Qualcomm internal bug CR548679.

    Published: 7/10/2016 9:59:03 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9778

    Summary: The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598515 and Qualcomm internal bug CR563694.

    Published: 7/10/2016 9:59:02 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2014-9777

    Summary: The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598501 and Qualcomm internal bug CR563654.

    Published: 7/10/2016 9:59:01 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 9.3 HIGH

     

    CVE-2013-7457

    Summary: Unspecified vulnerability in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application.

    Published: 7/10/2016 9:59:00 PM

     

    CVSS Severity: v3 - 7.8 HIGH      v2 - 10.0 HIGH

     

     

    <<< New  Older >>>

     

    Trojan 1 | PCI Compliance | HIPAA Compliance | GLBA Compliance | GDPR Compliance | Penetration Testing | Web Application Assessment | Corporate Security Assessment | Cyber Threat Intelligence 24 / 7

     

    Cyber Breach Lawyers | Vulnerability Assessments | CISO On Demand | Black Ops | Secure Cloud | Personal Security Assessments | Small Business IT Security  | NY Cybersecurity Rule 23 NYCRR 500

     

    Ethical Hacking for Small Businesses | IT Compliance Small Business | Security Breach Management Solutions | Big Data Security | Corporate Randsomware

     

    Website Security for Small Businesses | Security Consulting Services | Enterprise Security Services | Drone & Robotic IT Security

     

    Complete IT/Cyber Security Assessment |  Security Governance Services | Security & Risk Management | Digital Forensics

     

    Social Engineering Testing  | Cyber Liability Insurance | Data Centers Transformation & Security | Secure Access and Continuity Solutions

     

    Mobility Management  & Security | Network Management  Security Solutions | EndPoint Security Solutions |  National Vulnerability Database

    2200 PENNSYLVANIA AVENUE | NW | 4TH FLOOR EAST​ | WASHINGTON, D.C. 20037​

    ​​Tel: 202.507.5773 | Fax: 202.507.5601​ |  ContactUs@TrojanHorseSecurity.com

     

    • s-linkedin
    • s-facebook
    • Google Metallic
    • YouTube Metallic
    • Pinterest Metallic
    • s-tbird

    © 2020  TROJAN HORSE SECURITY INC

    • HOME

    • ABOUT US

    • SERVICES

    • CONTACT

    • KNOWLEDGE

    • BUY ONLINE

    • More