3385 matches found
CVE-2017-18306
CVE-2017-18306 refers to an information disclosure in Qualcomm’s camera subsystem (v4l2) within the Snapdragon/Qualcomm components due to an uninitialized variable. The Red Hat and NVD records confirm a local-access information exposure with a high confidentiality impact; the CVE is cataloged und...
CVE-2023-0163
CVE-2023-0163 applies to Mozilla Convict prior to 6.2.4, describing a prototype pollution flaw that allows an attacker to modify object prototype attributes or inject attributes used elsewhere, potentially leading to a crash. The vulnerability affects server-side configuration handling by admins ...
CVE-2023-2142
CVE-2023-2142 affects Nunjucks
CVE-2023-1521
CVE-2023-1521 affects the sccache project on Linux. The vulnerability allows a local attacker to execute arbitrary code with the privileges of a local sccache server by preloading a shared library via LD_PRELOAD. If the server runs as root (default when installed via the snap package), a normal u...
CVE-2018-11922
Technical details (affected product/version, root cause, impact, fixes) for CVE-2018-11922 are not publicly available in the provided connected documents. Monitor for updates from vendors and security bulletins.
CVE-2017-17772
CVE-2017-17772 concerns multiple buffer overread vulnerabilities in WLAN-related code. Across sources, the issue is described as out-of-bounds reads occurring in functions that process 802.11 frames due to insufficient validation, with Qualcomm components (WLAN HOST) explicitly listed in the 2017...
CVE-2017-15832
CVE-2017-15832 describes a buffer overwrite in the WLAN host driver due to improper input validation in Qualcomm WLAN components. Reported across multiple feeds (NVD, Red Hat, CVE lists) with related references to WLAN subsystem and Qualcomm QC IDs, the issue is framed as a local issue with high ...
CVE-2016-10394
CVE-2016-10394 is described across multiple connected sources as a Critical issue affecting Qualcomm closed‑source components (e.g., part of Android’s Qualcomm stack) with an initial note that xbl_sec revision lacked certain debug policy features and checks. Public bulletins (Android 2018-09-01/0...
CVE-2022-43936
CVE-2022-43936 affects Brocade SANnav before v2.2.2. The root cause is that enabling debugging causes Fabric OS switch passwords to be logged, risking disclosure of sensitive credentials. Impact is limited to password exposure via logs; no other compromises described. Remediation: upgrade to v2.2...
CVE-2022-43934
The CVE-2022-43934 entry concerns Brocade SANnav before version 2.2.2 that supports weak key exchange algorithms. Affected component: Brocade SANnav (Fibre Channel management platform). Impact as stated: weak key exchange on specific ports (24, 6514, 18023, 19094, 19095) which could expose confid...
CVE-2022-43933
CVE-2022-43933 affects Brocade SANnav prior to version 2.2.2. The vulnerability is an information exposure through log files: the supportsave/log data may contain configuration secrets such as usernames, passwords, and secret keys. Affects SANnav deployments where a log file generated by an admin...
CVE-2018-9487
CVE-2018-9487 affects Android components (Vpn.java: setVpnForcedLocked) where a bad UID check could block internet traffic through VPN, causing a local denial of service. Impact per available data: LOCAL attack vector with HIGH availability impact; UI interaction required for exploitation. CVSS m...
CVE-2018-9484
CVE-2018-9484 describes an out-of-bounds read in the Android Bluetooth L2CAP implementation: in l2cu_send_peer_config_rej within l2c_utils.cc, a missing bounds check can cause a remote information disclosure without requiring privileges or user interaction. The issue is labeled with a HIGH severi...
CVE-2018-9483
CVE-2018-9483 concerns a vulnerability in Android’s Bluetooth stack, specifically in the function bta_dm_remove_sec_dev_entry within bta_dm_act.cc. The issue is a possible out-of-bounds read caused by a use-after-free, which could allow remote information disclosure over Bluetooth without extra ...
CVE-2018-9482
The CVE-2018-9482 entry concerns the Bluetooth stack component: the function intr_data_copy_cb in btif_hd.cc. The flaw is described as an out-of-bounds read caused by an integer overflow, which could lead to local information disclosure in the Bluetooth service without extra privileges or user in...
CVE-2018-9480
CVE-2018-9480 describes an out-of-bounds read in bta_hd_get_report_act (bta_hd_act.cc) that could enable remote information disclosure via the Bluetooth service without user interaction. The issue stems from improper input validation. Documented details appear in NVD/Red Hat entries and the Andro...
CVE-2018-9479
CVE-2018-9479 concerns an out-of-bounds write in the Bluetooth SDP server logic (sdp_server.cc) within functions process_service_attr_req and process_service_search_attr_req. The issue, observed across sources including Red Hat and NVD descriptions, could enable remote code execution without addi...
CVE-2018-9477
CVE-2018-9477 is an Elevation of Privilege issue in Android’s Settings app (Development options) caused by a missing permission check. It enables a local attacker to bypass authentication and escalate privileges with no additional execution privileges required, though user interaction is needed f...
CVE-2018-9474
CVE-2018-9474 is a local elevation-of-privilege in Android’s Media Framework, triggered by a serialization/deserialization mismatch in MediaPlayer.writeToParcel. Affected software includes Android 7.0–9; exploited via crafted media content with no user interaction. The issue is documented in the ...
CVE-2018-9472
The CVE-2018-9472 entry concerns a flaw in xmlMemStrdupLoc within xmlmemory.c, causing an out-of-bounds write due to an integer overflow. This could enable remote code execution in an unprivileged process with no extra privileges, and requires user interaction to exploit. Red Hat and CVE sources ...