62 matches found
CVE-2018-11047
CVE-2018-11047 affects Cloud Foundry UAA. It allows using a valid refresh token in place of an access token to access admin endpoints (e.g., /Users, /Groups), due to a flaw in authorization handling. Vulnerable versions include UAA releases before 4.19.2, 4.12.x before 4.12.4, 4.10.x before 4.10....
CVE-2017-11047
CVE-2017-11047 applies to Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel; the issue is in a graphics-driver ioctl handler where missing copy_from_user() calls can allow writes to kernel memory. Impact per CVSS indicates LOCAL access with LOW user interaction an...