CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

Design/Logic Flaw

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

CVE-2016-6706

An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...

UBUNTU-CVE-2016-6706

An elevation of privilege vulnerability in libstagefright in Mediaserver in Android 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...

Symantec VIP Access Desktop Local Code Execution Vulnerability

Symantec VIP Access Desktop is a set of online account security protection software from Symantec Symantec. A local code execution vulnerability exists in Symantec VIP Access Desktop versions prior to 2.2.3, which arises from the program failing to filter user-submitted input. A local attacker...

CVE-2016-6737

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...

CVE-2016-6736

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...

CVE-2016-6707

An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local...

CVE-2016-6700

An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to the possibility of ...

UBUNTU-CVE-2016-6737

An elevation of privilege vulnerability in the kernel ION subsystem in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise,...

UBUNTU-CVE-2016-6700

An elevation of privilege vulnerability in libzipfile in Android 4.x before 4.4.4, 5.0.x before 5.0.2, and 5.1.x before 5.1.1 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Critical due to the possibility of ...

UBUNTU-CVE-2016-6705

An elevation of privilege vulnerability in Mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High...

UBUNTU-CVE-2016-6735

An elevation of privilege vulnerability in the NVIDIA GPU driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which...

HP Network Node Manager i Local Code Execution Vulnerability

HP NNMI is a solution for network services. A local code execution vulnerability exists in HP Network Node Manager i. Exploitation of the vulnerability by a local attacker could affect the execution of arbitrary code in the context of the application, failure of which could result in a denial of...

Apple iOS/macOS Local Code Execution Vulnerability

Apple iOS/macOS is a set of operating systems developed for mobile devices. A local code execution vulnerability exists in Apple iOS/macOS, which can be exploited by an attacker to execute arbitrary code with root privileges...

Oracle VM VirtualBox Component Local Arbitrary Code Execution Vulnerability (CNVD-2016-09791)

Oracle Virtualization VirtualBox Oracle Oracle a virtualization product suite. Oracle VM VirtualBox is one of the virtual machine components. A local arbitrary code execution vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization, versions pri...

Oracle VM VirtualBox Component Local Arbitrary Code Execution Vulnerability

Oracle Virtualization VirtualBox Oracle Oracle a virtualization product suite. Oracle VM VirtualBox is one of the virtual machine components. A localized arbitrary code execution vulnerability exists in the Core subcomponent of the Oracle VM VirtualBox component of Oracle Virtualization, versions...

Microsoft Windows 'Capcom.sys' DLL Documents Local Code Execution Vulnerability

Microsoft Windows is a series of operating systems released by Microsoft Corporation in the United States. kernel is one of the kernels. A local code execution vulnerability exists in Microsoft Windows due to a failure to adequately filter user input. An attacker could exploit this vulnerability ...

Open-Xchange AppSuite Local Code Execution Vulnerability

Open-Xchange AppSuite OX AppSuite is a suite of Web-based cloud desktop environments from Open-Xchange, Inc. in the United States. The environment allows users to manage email, tasks, files, etc. more intuitively. A local code execution vulnerability exists in Open-Xchange AppSuite, which can be...

Huawei HiSuite Local Code Execution Vulnerability

Huawei HiSuite is a set of cell phone assistant software for PC from Huawei, China. A local code execution vulnerability exists in Huawei HiSuite, which could be exploited by an attacker to execute arbitrary code...