CVEs from 2014
Total
7,865
critical
critical 837
high
high 1,288
medium
medium 4,980
low
low 583
% Critical
10.6%
% with KEV
0.4%
% with exploit
9.8%
Top vendors
Top products
- chrome 3,804
- moodle 1,668
- flash_player 1,397
- firefox 1,239
- mediawiki 1,130
- ffmpeg 998
- acrobat 966
- acrobat_reader 944
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-5074 | high | — | 8.1 | 12y ago | Siemens SIMATIC S7-1500 CPU devices with firmware before 1.6 allow remote attackers to cause a denial of service (device restart and STOP transition) via crafted TCP packets. | |||
| CVE-2014-3085 | high | — | 8.1 | 12y ago | systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the l… | |||
| CVE-2014-2928 | high | — | 8.1 | 12y ago | The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1,… | |||
| CVE-2014-2996 | high | — | 8.1 | 12y ago | XCloner Standalone 3.5 and earlier, when enable_db_backup and sql_mem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackup_co… | |||
| CVE-2014-3222 | high | 7.0 | 8.0 | 9y ago | In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key… | |||
| CVE-2014-3053 | high | — | 8.0 | 12y ago | The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.… | |||
| CVE-2014-2347 | high | — | 8.0 | 12y ago | Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request. | |||
| CVE-2014-3434 | medium | — | 7.9 | 12y ago | Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbit… | |||
| CVE-2014-3560 | high | — | 7.9 | 12y ago | NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a… | |||
| CVE-2014-4943 | medium | — | 7.9 | 12y ago | The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. | |||
| CVE-2014-4699 | medium | — | 7.9 | 12y ago | The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows … | |||
| CVE-2014-3977 | medium | — | 7.9 | 12y ago | libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix… | |||
| CVE-2014-0356 | high | — | 7.9 | 12y ago | The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote attackers to execute arbitrary code via shell metacharacters in input to the (1) detectWeather, (2) set_langua… | |||
| CVE-2014-0355 | high | — | 7.9 | 12y ago | Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allow man-in-the-middle attackers to execute arbitrary code via (1) a long temp att… | |||
| CVE-2014-2851 | medium | — | 7.9 | 12y ago | Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gai… | |||
| CVE-2014-0983 | medium | — | 7.9 | 12y ago | Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.… | |||
| CVE-2014-2033 | high | — | 7.9 | 12y ago | The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users t… | |||
| CVE-2014-0038 | medium | — | 7.9 | 13y ago | The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted tim… | |||
| CVE-2014-2828 | high | — | 7.8 | 4y ago | The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the sa… | |||
| CVE-2014-0047 | high | 7.8 | 7.8 | 9y ago | Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. | |||
| CVE-2014-8156 | high | 7.8 | 7.8 | 9y ago | The D-Bus security policy files in /etc/dbus-1/system.d/*.conf in fso-gsmd 0.12.0-3, fso-frameworkd 0.9.5.9+git20110512-4, and fso-usaged 0.12.0-2 as packaged in Debian, the upstream cornucopia.git (… | |||
| CVE-2014-8872 | high | 7.8 | 7.8 | 9y ago | Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50. | |||
| CVE-2014-0145 | high | 7.8 | 7.8 | 9y ago | Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_sn… | |||
| CVE-2014-1235 | high | 7.8 | 7.8 | 9y ago | Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: … | |||
| CVE-2014-9967 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in WideVine DRM. | |||
| CVE-2014-9965 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call. | |||
| CVE-2014-9964 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality. | |||
| CVE-2014-9963 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WideVine DRM. | |||
| CVE-2014-9962 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of a DRM provisioning command. | |||
| CVE-2014-9961 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection. | |||
| CVE-2014-9960 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. | |||
| CVE-2014-9952 | high | 7.8 | 7.8 | 9y ago | In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist. | |||
| CVE-2014-9950 | high | 7.8 | 7.8 | 9y ago | In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | |||
| CVE-2014-9949 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, an Untrusted Pointer Dereference vulnerability could potentially exist. | |||
| CVE-2014-9948 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist. | |||
| CVE-2014-9946 | high | 7.8 | 7.8 | 9y ago | In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||
| CVE-2014-9945 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization vulnerability could potentially exist. | |||
| CVE-2014-9944 | high | 7.8 | 7.8 | 9y ago | In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | |||
| CVE-2014-9943 | high | 7.8 | 7.8 | 9y ago | In Core Kernel in all Android releases from CAF using the Linux kernel, a Null Pointer Dereference vulnerability could potentially exist. | |||
| CVE-2014-9942 | high | 7.8 | 7.8 | 9y ago | In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist. | |||
| CVE-2014-9930 | high | 7.8 | 7.8 | 9y ago | In WCDMA in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||
| CVE-2014-9929 | high | 7.8 | 7.8 | 9y ago | In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist. | |||
| CVE-2014-9928 | high | 7.8 | 7.8 | 9y ago | In GERAN in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9927 | high | 7.8 | 7.8 | 9y ago | In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9926 | high | 7.8 | 7.8 | 9y ago | In GNSS in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist. | |||
| CVE-2014-9925 | high | 7.8 | 7.8 | 9y ago | In HDR in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9924 | high | 7.8 | 7.8 | 9y ago | In 1x in all Android releases from CAF using the Linux kernel, a Signed to Unsigned Conversion Error could potentially occur. | |||
| CVE-2014-9923 | high | 7.8 | 7.8 | 9y ago | In NAS in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist. | |||
| CVE-2014-9937 | high | 7.8 | 7.8 | 9y ago | In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||
| CVE-2014-9935 | high | 7.8 | 7.8 | 9y ago | In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |||
| CVE-2014-9934 | high | 7.8 | 7.8 | 9y ago | A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding. | |||
| CVE-2014-9933 | high | 7.8 | 7.8 | 9y ago | Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access. | |||
| CVE-2014-9932 | high | 7.8 | 7.8 | 9y ago | In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation. | |||
| CVE-2014-9931 | high | 7.8 | 7.8 | 9y ago | A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value. | |||
| CVE-2014-9922 | high | 7.8 | 7.8 | 9y ago | The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overla… | |||
| CVE-2014-9114 | high | 7.8 | 7.8 | 9y ago | Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. | |||
| CVE-2014-9825 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. | |||
| CVE-2014-9824 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825. | |||
| CVE-2014-9823 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819. | |||
| CVE-2014-9822 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. | |||
| CVE-2014-9821 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. | |||
| CVE-2014-9820 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. | |||
| CVE-2014-9819 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. | |||
| CVE-2014-9817 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. | |||
| CVE-2014-9835 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. | |||
| CVE-2014-9834 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. | |||
| CVE-2014-9833 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. | |||
| CVE-2014-9832 | high | 7.8 | 7.8 | 9y ago | Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. | |||
| CVE-2014-4677 | high | 7.8 | 7.8 | 9y ago | The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters… | |||
| CVE-2014-9914 | high | 7.8 | 7.8 | 9y ago | Race condition in the ip4_datagram_release_cb function in net/ipv4/datagram.c in the Linux kernel before 3.15.2 allows local users to gain privileges or cause a denial of service (use-after-free) by … | |||
| CVE-2014-9891 | high | 7.8 | 7.8 | 10y ago | drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain buffer addresses, which allows attackers to gain privileges via a crafted a… | |||
| CVE-2014-9890 | high | 7.8 | 7.8 | 10y ago | Off-by-one error in drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileg… | |||
| CVE-2014-9889 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gai… | |||
| CVE-2014-9888 | high | 7.8 | 7.8 | 10y ago | arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might… | |||
| CVE-2014-9887 | high | 7.8 | 7.8 | 10y ago | drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain length values, which allows attackers to gain privileges via a… | |||
| CVE-2014-9886 | high | 7.8 | 7.8 | 10y ago | arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers … | |||
| CVE-2014-9885 | high | 7.8 | 7.8 | 10y ago | Format string vulnerability in drivers/thermal/qpnp-adc-tm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices allows attackers to gain privileges via a crafted application t… | |||
| CVE-2014-9884 | high | 7.8 | 7.8 | 10y ago | drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain pointers, which allows attackers to gain privileges via a craf… | |||
| CVE-2014-9883 | high | 7.8 | 7.8 | 10y ago | Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive inform… | |||
| CVE-2014-9882 | high | 7.8 | 7.8 | 10y ago | Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, ak… | |||
| CVE-2014-9881 | high | 7.8 | 7.8 | 10y ago | drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or ca… | |||
| CVE-2014-9880 | high | 7.8 | 7.8 | 10y ago | drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attac… | |||
| CVE-2014-9879 | high | 7.8 | 7.8 | 10y ago | The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application,… | |||
| CVE-2014-9878 | high | 7.8 | 7.8 | 10y ago | drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges v… | |||
| CVE-2014-9877 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices mishandles a user-space pointer, which allo… | |||
| CVE-2014-9876 | high | 7.8 | 7.8 | 10y ago | drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices mishandles certain integer values, which allows attackers to gain privi… | |||
| CVE-2014-9875 | high | 7.8 | 7.8 | 10y ago | drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application that sends short DCI reque… | |||
| CVE-2014-9874 | high | 7.8 | 7.8 | 10y ago | Buffer overflow in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, related to arch/arm/mac… | |||
| CVE-2014-9873 | high | 7.8 | 7.8 | 10y ago | Integer underflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive infor… | |||
| CVE-2014-9872 | high | 7.8 | 7.8 | 10y ago | The diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not ensure unique identifiers in a DCI client table, which allows attackers to gain privileges via a cr… | |||
| CVE-2014-9871 | high | 7.8 | 7.8 | 10y ago | Multiple buffer overflows in drivers/media/platform/msm/camera_v2/isp/msm_isp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allow attackers to gain pr… | |||
| CVE-2014-9870 | high | 7.8 | 7.8 | 10y ago | The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allow… | |||
| CVE-2014-9869 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/isp/msm_isp_stats_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate certain index values, which all… | |||
| CVE-2014-9868 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via an appl… | |||
| CVE-2014-9867 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate the number of streams, which allo… | |||
| CVE-2014-9866 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows… | |||
| CVE-2014-9865 | high | 7.8 | 7.8 | 10y ago | drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly restrict user-space input, which allows attackers to gain privileges v… | |||
| CVE-2014-9864 | high | 7.8 | 7.8 | 10y ago | drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate ioctl calls, which allows attackers to gain privileges via a crafted a… | |||
| CVE-2014-9863 | high | 7.8 | 7.8 | 10y ago | Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a … | |||
| CVE-2014-9862 | high | 7.8 | 7.8 | 10y ago | Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple OS X before 10.11.6 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (he… |