Lucene search
+L

557 matches found

cnvd
cnvd
added 2017/05/09 12:0 a.m.6 views

Google Android Qualcomm Secure Execution Environment Communicator Driver elevation of privilege vulnerability (CNVD-2017-07361)

Android on Nexus 5X, etc. is an open source Linux-based operating system for Nexus 5X and other smart devices developed by Google and the Open Handheld Alliance OHA.The Qualcomm Secure Execution Environment QSE is an interface used to provide communication between the user space and the Qualcomm...

7.6CVSS7AI score0.01565EPSS
Exploits0References1
cnvd
cnvd
added 2017/05/05 12:0 a.m.4 views

Google Android Qualcomm Secure Execution Environment Communicator Driver Elevation of Privilege Vulnerability

Android on Nexus 5X, etc. is an open source Linux-based operating system for Nexus 5X and other smart devices developed by Google and the Open Handheld Alliance OHA.The Qualcomm Secure Execution Environment QSE is an interface used to provide communication between the user space and the Qualcomm...

7.6CVSS7.7AI score0.01467EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2017/05/04 12:0 a.m.11 views

The vulnerability of the Android operating system, which allows a hacker to obtain extended privileges

The vulnerability of the Android operating system lies in the fact that when a secure application based on Qualcomm Secure Execution Environment receives a memory cell address, it does not undergo verification to ensure that the address belongs to the user’s memory space, rather than the kernel’s...

4.3CVSS6.4AI score0.01005EPSS
Exploits0References5Affected Software1
ubuntucve
ubuntucve
added 2017/04/06 7:59 p.m.38 views

CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

5.5CVSS6.4AI score0.01005EPSS
Exploits0References3
osv
osv
added 2017/04/06 7:59 p.m.8 views

UBUNTU-CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

5.5CVSS7.2AI score0.01005EPSS
Exploits0References4
prion
prion
added 2017/04/06 7:59 p.m.17 views

Privilege escalation

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

4.3CVSS7.1AI score0.01005EPSS
Exploits0References5Affected Software1
osv
osv
added 2017/04/06 7:59 p.m.4 views

CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

5.5CVSS7.3AI score0.01005EPSS
Exploits0References5
cvelist
cvelist
added 2017/04/06 7:0 p.m.25 views

CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

6.5AI score0.01005EPSS
Exploits0References5
cve
cve
added 2017/04/06 7:0 p.m.54 views

CVE-2016-5349

Technical details for CVE-2016-5349 are not provided in the connected documents. Public disclosures contain general descriptions only; no concrete product/vendor/version/root-cause or fix information is available here. Monitor for updates from official advisories.

5.5CVSS6.4AI score0.01005EPSS
Exploits0References5Affected Software1
bdu_fstec
bdu_fstec
added 2017/02/21 12:0 a.m.6 views

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the Qualcomm Secure Execution Environment Communicator application for the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to compromise data confidentiality through the use of a local...

2.6CVSS5.5AI score0.00672EPSS
Exploits0References3
cnvd
cnvd
added 2017/02/10 12:0 a.m.6 views

Google Android Remote Elevation of Privilege Vulnerability (CNVD-2017-01392)

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A security vulnerability in Qualcomm Secure Execution Environment Communicator in Android on multiple Google devices allows remote attackers to exploit the vulnerability to elevate...

7.6CVSS7AI score0.00818EPSS
Exploits0References1
osv
osv
added 2017/02/08 3:59 p.m.4 views

CVE-2016-8414

An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product:...

4.7CVSS5.8AI score0.00672EPSS
Exploits0References3
prion
prion
added 2017/02/08 3:59 p.m.20 views

Information disclosure

An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product:...

2.6CVSS5.8AI score0.00672EPSS
Exploits0References3Affected Software2
nvd
nvd
added 2017/02/08 3:59 p.m.25 views

CVE-2016-8414

An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product:...

4.7CVSS3.8AI score0.00672EPSS
Exploits0References3
cve
cve
added 2017/02/08 3:0 p.m.55 views

CVE-2016-8414

CVE-2016-8414 is an information-disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator affecting Android. It permits a local attacker with a compromised privileged process to access data outside its permissions. Affected components are the Android kernel (Kernel-3.10 a...

4.7CVSS4.4AI score0.00672EPSS
Exploits0References3Affected Software2
bdu_fstec
bdu_fstec
added 2017/02/02 12:0 a.m.15 views

The vulnerability of the Android operating system, which allows a hacker to trigger a buffer overflow.

The vulnerability in the trusted execution environment of Android’s operating system’s access control API arises due to buffer overflow. Exploiting this vulnerability can allow a malicious actor, operating remotely, to trigger a buffer overflow due to lack of size checking for the buffer...

10CVSS8.6AI score0.01728EPSS
Exploits0References3Affected Software1
mskb
mskb
added 2017/01/07 12:0 a.m.6 views

PXE client computers freeze during multithread network transfers in Windows Server 2012 R2

PXE client computers freeze during multithread network transfers in Windows Server 2012 R2 Symptoms When you deploy Windows Server 2012 R2 through Windows Deployment Services WDS Pre-Boot Execution Environment PXE, the server CPU usage spikes to 100%. In this situation, client computers may freez...

6.9AI score
Exploits0
myhack58
myhack58
added 2016/12/22 12:0 a.m.120 views

Two CVE case study: how to use Android in the trusted zone-vulnerability warning-the black bar safety net

This article from the actual departure, about how to step by step use of Android in the trusted zone TrustZone on. Here I am using a Huawei hisilicon the Trusted Execution Environment Trusted Execution Environment, TEE on. First of all, I found one can gain kernel privilege vulnerabilities, and...

7.8AI score0.0092EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2016/09/19 12:0 a.m.9 views

The vulnerability of the CODESYS Runtime Toolkit execution environment allows a perpetrator to read and write arbitrary files.

The vulnerability of the CODESYS Runtime Toolkit execution environment exists due to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to read, write, and create arbitrary files by utilizing the “..” element in the path wh...

10CVSS5.8AI score0.02637EPSS
Exploits0References4Affected Software1
fedora
fedora
added 2016/09/04 12:53 a.m.12 views

[SECURITY] Fedora 24 Update: ganglia-3.7.2-10.fc24

Ganglia is a scalable, real-time monitoring and execution environment with all execution requests and statistics expressed in an open well-defined XML format...

2.6AI score
Exploits0
Rows per page
Query Builder