Vulnerabilities > Permissions, Privileges, and Access Controls
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-18 | CVE-2015-4082 | Permissions, Privileges, and Access Controls vulnerability in Attic Project Attic attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to "unencrypted / without key file". | 6.5 |
| 2017-08-18 | CVE-2015-1878 | Permissions, Privileges, and Access Controls vulnerability in Thalesesecurity Nshield Connect Firmware 11.30 Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key [KNETI] and impersonate the nShield Connect device on a network, affect the integrity and confidentiality of newly created keys, and potentially cause other unspecified impacts using previously loaded keys by connecting to the USB port on the front panel. | 6.8 |
| 2017-08-16 | CVE-2016-5867 | Permissions, Privileges, and Access Controls vulnerability in Google Android In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow. | 7.0 |
| 2017-08-16 | CVE-2016-5864 | Permissions, Privileges, and Access Controls vulnerability in Google Android In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. | 7.8 |
| 2017-08-16 | CVE-2016-5863 | Permissions, Privileges, and Access Controls vulnerability in Google Android In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses. | 7.8 |
| 2017-08-16 | CVE-2016-5862 | Permissions, Privileges, and Access Controls vulnerability in Google Android When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs. | 7.0 |
| 2017-08-16 | CVE-2016-5861 | Permissions, Privileges, and Access Controls vulnerability in Google Android In a display driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow. | 8.8 |
| 2017-08-16 | CVE-2016-5860 | Permissions, Privileges, and Access Controls vulnerability in Google Android In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow. | 7.0 |
| 2017-08-16 | CVE-2016-5859 | Permissions, Privileges, and Access Controls vulnerability in Google Android In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow. | 7.0 |
| 2017-08-16 | CVE-2016-5853 | Permissions, Privileges, and Access Controls vulnerability in Google Android In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value. | 7.0 |