Filtered by CWE-264
Total 5449 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-5860 1 Google 1 Android 2024-11-21 N/A
In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.
CVE-2016-5859 1 Google 1 Android 2024-11-21 N/A
In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.
CVE-2016-5857 1 Google 1 Android 2024-11-21 N/A
The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140.
CVE-2016-5856 2 Google, Linux 2 Android, Linux Kernel 2024-11-21 N/A
Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.
CVE-2016-5853 1 Google 1 Android 2024-11-21 N/A
In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value.
CVE-2016-5847 1 Sap 1 Sapcar Archive Tool 2024-11-21 N/A
SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security Note 2327384.
CVE-2016-5821 1 Huawei 1 Hisuite 2024-11-21 N/A
Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or (2) USERENV.dll file or possibly other unspecified DLL files.
CVE-2016-5729 1 Lenovo 1 Bios Efi Driver 2024-11-21 8.2 High
Lenovo BIOS EFI Driver allows local administrators to execute arbitrary code with System Management Mode (SMM) privileges via unspecified vectors.
CVE-2016-5723 1 Huawei 1 Fusioninsight Hd 2024-11-21 N/A
Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors.
CVE-2016-5720 1 Microsoft 1 Skype 2024-11-21 N/A
Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) cryptui.dll that is located in the current working directory.
CVE-2016-5654 1 Misys 1 Fusioncapital Opics Plus 2024-11-21 N/A
Misys FusionCapital Opics Plus allows remote authenticated users to gain privileges via a man-in-the-middle attack that modifies the xmlMessageOut parameter.
CVE-2016-5647 1 Intel 1 Graphics Driver 2024-11-21 N/A
The igdkmd64 module in the Intel Graphics Driver through 15.33.42.435, 15.36.x through 15.36.30.4385, and 15.40.x through 15.40.4404 on Windows allows local users to cause a denial of service (crash) or gain privileges via a crafted D3DKMTEscape request.
CVE-2016-5573 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux and 3 more 2024-11-21 N/A
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
CVE-2016-5572 1 Oracle 1 Database 2024-11-21 N/A
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2016-5499 1 Oracle 1 Database Server 2024-11-21 N/A
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.
CVE-2016-5422 1 Redhat 1 Jboss Operations Network 2024-11-21 N/A
The web console in Red Hat JBoss Operations Network (JON) before 3.3.7 does not properly authorize requests to add users with the super user role, which allows remote authenticated users to gain admin privileges via a crafted POST request.
CVE-2016-5406 1 Redhat 2 Enterprise Linux, Jboss Enterprise Application Platform 2024-11-21 N/A
The domain controller in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2 allows remote authenticated users to gain privileges by leveraging failure to propagate administrative RBAC configuration to all slaves.
CVE-2016-5374 1 Netapp 1 Data Ontap 2024-11-21 N/A
NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry.
CVE-2016-5365 1 Huawei 2 Honor Ws851, Honor Ws851 Firmware 2024-11-21 N/A
Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HWPSIRT-2016-05051.
CVE-2016-5295 2 Microsoft, Mozilla 2 Windows, Firefox 2024-11-21 N/A
This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox < 50.