Page 53 of 262 results (0.012 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2014-1909

https://notcve.org/view.php?id=CVE-2014-1909

Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow. Error de signo de enteros en system/core/adb/adb_client.c en Android Debug Bridge (ADB) para Android 4.4 en las herramientas de plataforma de Android SDK 18.0.1 permite a servidores ADB ejecutar código arbitrario a través de un valor de longitud negativo, lo que evade una comparación de signo y provoca un desbordamiento de buffer basado en pila. • http://lists.opensuse.org/opensuse-updates/2014-05/msg00038.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00039.html http://seclists.org/oss-sec/2014/q1/291 http://www.securityfocus.com/bid/65403 https://exchange.xforce.ibmcloud.com/vulnerabilities/91291 • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 0%CPEs: 223EXPL: 0

CVE-2014-1484

https://notcve.org/view.php?id=CVE-2014-1484

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application. Mozilla Firefox anterior a 27.0 en Android 4.2 y anteriores crea entradas en el registro del sistema que contienen rutas de perfil, lo que permite a atacantes remotos obtener información sensible a través de una aplicación manipulada. • http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://osvdb.org/102870 http://www.mozilla.org/security/announce/2014/mfsa2014-06.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securityfocus.com/bid/65323 http://www.securitytracker.com/id/1029719 https://bugzilla.mozilla.org/show • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •