Security Vulnerabilities - CVEs Published In 2016
Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group or (2) Venue Type value, aka internal bug 29464811.
CVSS Score
6.5
EPSS Score
0.002
Published
2016-10-10
sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-10-10
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.
CVSS Score
6.1
EPSS Score
0.0
Published
2016-10-10
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.
CVSS Score
7.3
EPSS Score
0.001
Published
2016-10-10
Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902.
CVSS Score
7.8
EPSS Score
0.001
Published
2016-10-10
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.
CVSS Score
5.5
EPSS Score
0.001
Published
2016-10-10
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call.
CVSS Score
7.0
EPSS Score
0.001
Published
2016-10-10
Pagure 2.2.1 XSS in raw file endpoint
CVSS Score
6.1
EPSS Score
0.002
Published
2016-10-07
Mirror Manager version 0.7.2 and older is vulnerable to remote code execution in the checkin code.
CVSS Score
9.8
EPSS Score
0.026
Published
2016-10-07
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect
CVSS Score
7.4
EPSS Score
0.002
Published
2016-10-07