Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8204 | 1 Huawei | 2 Honor 9, Honor 9 Firmware | 2017-12-11 | 9.3 HIGH | 7.8 HIGH |
| The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution | |||||
| CVE-2017-2729 | 1 Huawei | 4 Honor 5a, Honor 5a Firmware, P8 Lite and 1 more | 2017-12-11 | 9.3 HIGH | 7.8 HIGH |
| The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution. | |||||
| CVE-2017-2698 | 1 Huawei | 2 P8, P8 Firmware | 2017-12-11 | 9.3 HIGH | 7.8 HIGH |
| The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege. | |||||
| CVE-2017-2716 | 1 Huawei | 2 Mate 9, Mate 9 Firmware | 2017-12-11 | 9.3 HIGH | 7.8 HIGH |
| The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. An attacker tricks a user into installing a malicious application which has the system privilege of the Android system and sends a specific parameter to the driver of the smart phone, causing a system crash or privilege escalation. | |||||
| CVE-2016-0773 | 3 Canonical, Debian, Postgresql | 3 Ubuntu Linux, Debian Linux, Postgresql | 2017-12-08 | 5.0 MEDIUM | 7.5 HIGH |
| PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression. | |||||
| CVE-2017-7555 | 1 Augeas | 1 Augeas | 2017-12-08 | 7.5 HIGH | 9.8 CRITICAL |
| Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. | |||||
| CVE-2017-5122 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-12-08 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page. | |||||
| CVE-2017-2714 | 1 Huawei | 1 Fusionsphere Openstack | 2017-12-08 | 7.7 HIGH | 8.0 HIGH |
| The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system. | |||||
| CVE-2017-8162 | 1 Huawei | 34 Ar120-s, Ar120-s Firmware, Ar1200 and 31 more | 2017-12-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have a DoS vulnerability. Due to incorrect malformed message processing logic, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause stack overflow and make a service unavailable. | |||||
| CVE-2017-8179 | 1 Huawei | 2 Mtk Platform Smart Phone, Mtk Platform Smart Phone Firmware | 2017-12-08 | 6.8 MEDIUM | 7.8 HIGH |
| The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | |||||
| CVE-2017-8184 | 1 Huawei | 2 Mtk Platform Smart Phone, Mtk Platform Smart Phone Firmware | 2017-12-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to cause to any memory access vulnerabilities, leading to sensitive information leakage. | |||||
| CVE-2017-8180 | 1 Huawei | 2 Mtk Platform Smart Phone, Mtk Platform Smart Phone Firmware | 2017-12-08 | 6.8 MEDIUM | 7.8 HIGH |
| The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | |||||
| CVE-2017-8181 | 1 Huawei | 2 Mtk Platform Smart Phone, Mtk Platform Smart Phone Firmware | 2017-12-08 | 6.8 MEDIUM | 7.8 HIGH |
| The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | |||||
| CVE-2017-2725 | 1 Huawei | 4 P10, P10 Firmware, P10 Plus and 1 more | 2017-12-08 | 9.3 HIGH | 7.8 HIGH |
| Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution. | |||||
| CVE-2017-2726 | 1 Huawei | 4 P10, P10 Firmware, P10 Plus and 1 more | 2017-12-08 | 9.3 HIGH | 8.4 HIGH |
| Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution. | |||||
| CVE-2017-2724 | 1 Huawei | 4 P10, P10 Firmware, P10 Plus and 1 more | 2017-12-08 | 9.3 HIGH | 8.4 HIGH |
| Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution. | |||||
| CVE-2017-8170 | 1 Huawei | 2 Vie-l09, Vie-l09 Firmware | 2017-12-08 | 9.3 HIGH | 7.8 HIGH |
| Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone, causing the smartphone restart or arbitrary code execution. | |||||
| CVE-2017-8169 | 1 Huawei | 2 Vie-l09, Vie-l09 Firmware | 2017-12-08 | 9.3 HIGH | 7.8 HIGH |
| Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone, causing the smartphone restart or arbitrary code execution. | |||||
| CVE-2017-8149 | 1 Huawei | 4 P10, P10 Firmware, P10 Plus and 1 more | 2017-12-08 | 7.1 HIGH | 5.5 MEDIUM |
| The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. the APP can modify specific data to cause buffer overflow in the next system reboot, causing out-of-bounds memory read which can continuous system reboot. | |||||
| CVE-2017-8150 | 1 Huawei | 8 P10, P10 Firmware, P10 Plus and 5 more | 2017-12-08 | 9.3 HIGH | 7.8 HIGH |
| The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system reboot or arbitrary code execution. | |||||