CVE-2018-12268
acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or password file, as demonstrated by injection into an smbclient command line.
Source: CVE-2018-12268
[월:] 2018년 06월
CVE-2018-12263
CVE-2018-12263
portfolioCMS 1.0.5 allows upload of arbitrary .php files via the admin/portfolio.php?newpage=true URI.
Source: CVE-2018-12263
CVE-2018-12265
CVE-2018-12265
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
Source: CVE-2018-12265
CVE-2018-12264
CVE-2018-12264
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.
Source: CVE-2018-12264
CVE-2018-12266
CVE-2018-12266
systemerrors4.php in HongCMS 3.0.0 has XSS via crafted input that triggers a 404 HTTP status code.
Source: CVE-2018-12266
CVE-2018-5849
CVE-2018-5849
Due to a race condition in the QTEECOM driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, when more than one HLOS client loads the same TA, a Use After Free condition can occur.
Source: CVE-2018-5849
CVE-2018-5851
CVE-2018-5851
Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Source: CVE-2018-5851
CVE-2017-18070
CVE-2017-18070
In wma_ndp_end_response_event_handler(), the variable len_end_rsp is a uint32 which can be overflowed if the value of variable "event->num_ndp_end_rsp_per_ndi_list" is very large which can then lead to a heap overwrite of the heap object end_rsp in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Source: CVE-2017-18070
CVE-2017-15857
CVE-2017-15857
In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Source: CVE-2017-15857
CVE-2017-15854
CVE-2017-15854
The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Source: CVE-2017-15854