Mozilla Firefox for Android Local Security Bypass Vulnerability

Mozilla Firefox for Android is an open source web browser based on the Android platform from the US-based Mozilla Foundation. A security vulnerability exists in versions of Mozilla Firefox for Android prior to version 54. The vulnerability can be exploited by an attacker to read local data with t...

Information disclosure

An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android...

Security vulnerabilities fixed in Firefox 54 — Mozilla

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. A use-after-free vulnerability when using an incorrect URL during the...

CVE-2017-0624

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android...

CVE-2016-10294

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

CVE-2017-4896

Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. Successful exploitation of this issue may result in an unauthorized disclosure of confidential data...

CVE-2017-0586

An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

UBUNTU-CVE-2017-0557

An information disclosure vulnerability in libmpeg2 in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access data without permission. Product: Android. Versions: 6.0, 6.0.1, 7.0,...

CVE-2016-8483

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android...

UBUNTU-CVE-2017-0534

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18...

USN-3184-1 irssi vulnerabilities

It was discovered that the Irssi buf.pl script set incorrect permissions. A local attacker could use this issue to retrieve another user's window contents. CVE-2016-7553 Joseph Bisch discovered that Irssi incorrectly handled comparing nicks. A remote attacker could use this issue to cause Irssi t...

UBUNTU-CVE-2016-6720

An information disclosure vulnerability in libstagefright in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to access data outside of its permission levels. This issue is...

Oracle Virtualization VM VirtualBox Component Local Data Read Vulnerability

Oracle Virtualization Oracle VirtualBox is a virtual machine component of Oracle's virtualization solution. A local data read vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization, versions prior to 5.0.28 and versions prior to 5.1.8. An...

UBUNTU-CVE-2016-6153

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...

CVE-2016-4755

Terminal in Apple OS X before 10.12 uses weak permissions for the .bashhistory and .bashsession files, which allows local users to obtain sensitive information via unspecified vectors...

Unspecified Vulnerability in Oracle Java SE/Java SE Embedded and JRockit Networking Subcomponents

Oracle Java SE, Java SE Embedded, and JRockit are products of Oracle Corporation. Java SE Java Platform Standard Edition is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments; Java SE Embedded is a Java platform for developing...

The vulnerability of the Solaris operating system, which allows a hacker to modify data or cause partial service failure.

The vulnerability of the Libc library component of the Solaris operating system is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating locally, to gain access to modify, add, or delete data, or cause partial service interruption...

Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Agent Next Gen Component (CNVD-2016-00702)

Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Enterprise Manager Base Platform Agent Next Gen component of Oracle Enterprise Manager Grid Control allows local attackers to exploit the vulnerability to access data...

Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Agent Next Gen Component (CNVD-2016-00703)

Oracle Enterprise Manager is an enhanced management suite for ORACLE Fusion endpoint software. An unspecified vulnerability in the Enterprise Manager Base Platform Agent Next Gen component of Oracle Enterprise Manager Grid Control allows local attackers to exploit the vulnerability to access data...

CVE-2015-4958

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files...