Security Vulnerabilities - CVEs Published In November 2018
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a partition name-check variable is not reset for every iteration which may cause improper termination in the META image.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27
ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified page_id, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, due to a race condition, a Use After Free condition can occur in Audio.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while list traversal in LPM status driver for clean up, use after free vulnerability may occur.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in debugfs module due to lack of check in size of input before copying into buffer.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in display function due to lack of buffer length validation before copying.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow occur may occur in display handlers due to lack of checking in buffer size before copying into it and will lead to memory corruption.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a memory corruption can occur in kernel due to improper check in callers count parameter in display handlers.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a use after free issue in WLAN host driver can lead to device reboot.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-11-27