CVE-2016-3888

LOW Year: 2016
CVSS v3 Score
2.1
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-264
View all →

Vulnerability Description

internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Setup Wizard provisioning stage, via unspecified vectors, aka internal bug 29420123.

Related Vulnerabilities

CVE-2015-7436

LOW
CVSS:2.5(Low)

IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos ...

CWE-2642015

CVE-2016-5979

LOW
CVSS:2.7(Low)

IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the ...

CWE-2642016

CVE-2017-18455

LOW
CVSS:2.7(Low)

In cPanel before 62.0.17, addon domain conversion did not require a package for resellers (SEC-208).

CWE-2642017

CVE-2016-4534

LOW
CVSS:3.0(Low)

The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and ...

CWE-2642016

CVE-2013-6446

LOW
CVSS:3.1(Low)

The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information...

CWE-2642013

CVE-2015-7455

LOW
CVSS:3.1(Low)

IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0.0 CF09 uses weak permissions for content items, which allows remote authenticated users to make modific...

CWE-2642015